weshield.us Open in urlscan Pro
45.33.94.74 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://order.weshield.us/e3t/Btc/RI*2286/cZZj304/VV-rHB30-Fm5W8y5cgz3Q1bhsW8kTzPf4Bdxz9N8SvFDB3lLzNV1-WJV7CgQ1FW2bf1CG9dX...
Effective URL:
https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJu...
Submission: On November 23 via manual (November 23rd 2021, 4:51:03 pm UTC) from US — Scanned from US

Summary HTTP 174 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 38 IPs in 2 countries across 39 domains to perform 174 HTTP transactions. The main IP is 45.33.94.74, located in Cedar Knolls, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is weshield.us.
TLS certificate: Issued by R3 on November 14th 2021. Valid for: 3 months.

This is the only time weshield.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:2c40::c7... 2606:2c40::c73c:67e4	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
34	45.33.94.74 45.33.94.74	63949 (LINODE-AP...) (LINODE-AP Linode)
2	2607:f8b0:400... 2607:f8b0:4006:80c::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80f::2008	15169 (GOOGLE) (GOOGLE)
1 7	2600:1f18:765... 2600:1f18:765:4800:7681:18d0:4c60:ba77	14618 (AMAZON-AES) (AMAZON-AES)
1 5	2600:9000:21d... 2600:9000:21da:d200:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4006:806::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d5cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	23.217.47.10 23.217.47.10	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
62	13.226.37.17 13.226.37.17	16509 (AMAZON-02) (AMAZON-02)
2	2600:141b:13:... 2600:141b:13::17d7:82d0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2607:f8b0:400... 2607:f8b0:4006:80f::2003	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:816::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:83ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:45b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:70b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	2620:109:c002... 2620:109:c002::6cae:a0e	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1 2	104.18.99.194 104.18.99.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	68.67.179.122 68.67.179.122	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2607:f8b0:400... 2607:f8b0:4006:81e::200e	15169 (GOOGLE) (GOOGLE)
1	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	23.52.162.21 23.52.162.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2 2	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
3 3	142.250.64.98 142.250.64.98	15169 (GOOGLE) (GOOGLE)
1 1	54.90.48.240 54.90.48.240	14618 (AMAZON-AES) (AMAZON-AES)
1	54.156.89.184 54.156.89.184	14618 (AMAZON-AES) (AMAZON-AES)
2 2	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	104.36.115.109 104.36.115.109	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	2600:1f18:612... 2600:1f18:612b:4232:542e:84b1:1361:c28e	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.213.3.60 3.213.3.60	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.218.90.66 3.218.90.66	14618 (AMAZON-AES) (AMAZON-AES)
1 2	192.35.249.127 192.35.249.127	11742 (SPOTX-IAD) (SPOTX-IAD)
1	184.73.169.224 184.73.169.224	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	35.174.191.125 35.174.191.125	14618 (AMAZON-AES) (AMAZON-AES)
3	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:5505	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:402... 2607:f8b0:4023:1404::9d	15169 (GOOGLE) (GOOGLE)
1	54.230.162.67 54.230.162.67	16509 (AMAZON-02) (AMAZON-02)
1	34.215.209.196 34.215.209.196	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:cacc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	50.16.7.188 50.16.7.188	14618 (AMAZON-AES) (AMAZON-AES)
2	54.147.21.139 54.147.21.139	14618 (AMAZON-AES) (AMAZON-AES)
1	13.225.63.33 13.225.63.33	16509 (AMAZON-02) (AMAZON-02)
174	38

2 2606:2c40::c73c:67e4 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

order.weshield.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 45.33.94.74 (Cedar Knolls, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1077-74.members.linode.com

weshield.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80f::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f18:765:4800:7681:18d0:4c60:ba77 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pxl.iqm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:21da:d200:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:806::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.217.47.10 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-47-10.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 13.226.37.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-37-17.ewr53.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:13::17d7:82d0 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80f::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:816::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:83ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:45b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:70b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:109:c002::6cae:a0e (United States) 3 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States) 1 redirects

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.99.194 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.179.122 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 572.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81e::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.190.66 (None, )

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.52.162.21 (New York, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.254.65 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.64.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.90.48.240 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-90-48-240.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.156.89.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-89-184.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.81 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.115.109 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:542e:84b1:1361:c28e (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.213.3.60 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-3-60.compute-1.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.218.90.66 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.35.249.127 (Ashburn, United States) 1 redirects

ASN11742 (SPOTX-IAD, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.73.169.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-169-224.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.174.191.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-191-125.compute-1.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5505 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4023:1404::9d (Columbus, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.162.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-162-67.ewr53.r.cloudfront.net

s.dca0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.215.209.196 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-215-209-196.us-west-2.compute.amazonaws.com

f71395d2-f622-a58c-8c2a-30789f99f945.z1.dca0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cacc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 50.16.7.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-7-188.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.147.21.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-21-139.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.63.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-33.ewr53.r.cloudfront.net

embeds.driftcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	driftt.com js.driftt.com	818 KB
36	weshield.us 1 redirects order.weshield.us weshield.us	1 MB
8	gstatic.com fonts.gstatic.com www.gstatic.com	381 KB
8	6sc.co j.6sc.co c.6sc.co b.6sc.co	14 KB
8	adroll.com 1 redirects s.adroll.com d.adroll.com	38 KB
7	iqm.com 1 redirects pxl.iqm.com	4 KB
6	drift.com metrics.api.drift.com bootstrap.api.drift.com	433 B
5	doubleclick.net 3 redirects cm.g.doubleclick.net stats.g.doubleclick.net	1 KB
5	linkedin.com 5 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	4 KB
4	google-analytics.com www.google-analytics.com	20 KB
4	facebook.net connect.facebook.net	220 KB
4	google.com www.google.com	37 KB
3	facebook.com www.facebook.com	401 B
3	pubmatic.com 3 redirects image6.pubmatic.com simage2.pubmatic.com	1 KB
3	googletagmanager.com www.googletagmanager.com	132 KB
2	dca0.com s.dca0.com f71395d2-f622-a58c-8c2a-30789f99f945.z1.dca0.com	2 KB
2	hubspot.com forms.hubspot.com track.hubspot.com	2 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com	910 B
2	advertising.com 2 redirects pixel.advertising.com	747 B
2	krxd.net 1 redirects usermatch.krxd.net beacon.krxd.net	507 B
2	pippio.com 2 redirects pippio.com	854 B
2	rlcdn.com 2 redirects idsync.rlcdn.com	510 B
2	casalemedia.com 2 redirects dsum-sec.casalemedia.com	2 KB
2	adsymptotic.com 1 redirects p.adsymptotic.com	539 B
2	licdn.com snap.licdn.com	5 KB
2	googleapis.com fonts.googleapis.com	3 KB
1	driftcdn.com embeds.driftcdn.com	5 KB
1	hubapi.com api.hubapi.com	968 B
1	hsforms.com forms.hsforms.com	520 B
1	rtactivate.com bpi.rtactivate.com	109 B
1	tremorhub.com 1 redirects partners.tremorhub.com	419 B
1	districtm.io dmx.districtm.io	208 B
1	adnxs.com secure.adnxs.com	687 B
1	hs-banner.com js.hs-banner.com	16 KB
1	hsadspixel.net js.hsadspixel.net	3 KB
1	hs-analytics.net js.hs-analytics.net	20 KB
1	hscollectedforms.net js.hscollectedforms.net	26 KB
1	hs-scripts.com js.hs-scripts.com	968 B
174	39

	Domain	Requested by
62	js.driftt.com	weshield.us js.driftt.com
34	weshield.us	order.weshield.us weshield.us
7	pxl.iqm.com	1 redirects weshield.us
6	b.6sc.co	weshield.us
5	s.adroll.com	1 redirects weshield.us www.googletagmanager.com s.adroll.com
4	metrics.api.drift.com	js.driftt.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com weshield.us
4	www.gstatic.com	www.google.com www.gstatic.com
4	fonts.gstatic.com	fonts.googleapis.com www.google.com
4	connect.facebook.net	weshield.us connect.facebook.net
4	www.google.com	weshield.us www.gstatic.com www.google.com
3	www.facebook.com	weshield.us
3	d.adroll.com	s.adroll.com
3	cm.g.doubleclick.net	3 redirects
3	px.ads.linkedin.com	3 redirects
3	www.googletagmanager.com	weshield.us www.googletagmanager.com
2	bootstrap.api.drift.com	js.driftt.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	sync.search.spotxchange.com	1 redirects weshield.us
2	ups.analytics.yahoo.com	2 redirects
2	pixel.advertising.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	pippio.com	2 redirects
2	idsync.rlcdn.com	2 redirects
2	dsum-sec.casalemedia.com	2 redirects
2	p.adsymptotic.com	1 redirects weshield.us
2	snap.licdn.com	weshield.us js.hsadspixel.net
2	fonts.googleapis.com	weshield.us
2	order.weshield.us	1 redirects
1	embeds.driftcdn.com	js.driftt.com
1	track.hubspot.com
1	api.hubapi.com	js.hsadspixel.net
1	f71395d2-f622-a58c-8c2a-30789f99f945.z1.dca0.com	s.dca0.com
1	s.dca0.com	s.adroll.com
1	forms.hsforms.com	weshield.us
1	forms.hubspot.com	js.hscollectedforms.net
1	bpi.rtactivate.com	weshield.us
1	partners.tremorhub.com	1 redirects
1	simage2.pubmatic.com	1 redirects
1	beacon.krxd.net	weshield.us
1	usermatch.krxd.net	1 redirects
1	dmx.districtm.io	weshield.us
1	c.6sc.co	j.6sc.co
1	secure.adnxs.com	j.6sc.co
1	px4.ads.linkedin.com	1 redirects
1	www.linkedin.com	1 redirects
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	j.6sc.co	weshield.us
1	js.hs-scripts.com	weshield.us
174	52

This site contains links to these domains. Also see Links.

Domain
shop.weshield.us
weshield-1.hubspotpagebuilder.com
www.facebook.com
www.linkedin.com
www.instagram.com

Subject Issuer	Validity	Valid
order.weshield.us Cloudflare Inc ECC CA-3	`2021-02-18` - `2022-02-17`	a year	crt.sh
weshield.us R3	`2021-11-14` - `2022-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
s.adroll.com Amazon	`2021-08-02` - `2022-08-31`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
*.6sc.co DigiCert SHA2 Secure Server CA	`2021-03-09` - `2022-03-16`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-02` - `2021-12-01`	3 months	crt.sh
drift.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2021-06-02` - `2022-06-01`	a year	crt.sh
rtactivate.com Amazon	`2021-05-13` - `2022-06-11`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2021-09-10` - `2022-10-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
dca0.com Amazon	`2021-09-13` - `2022-10-12`	a year	crt.sh
*.z1.dca0.com Amazon	`2021-03-10` - `2022-04-08`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
*.driftcdn.com Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Frame ID: C13DDA6699C8C8A0508181F751051D75
Requests: 109 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjN6MZAAAAAHhSWxPa_NR800c-MW6tyACV9qjd&co=aHR0cHM6Ly93ZXNoaWVsZC51czo0NDM.&hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=swaejw2mj0e1
Frame ID: 7BF18C9C3E973E77634E074D08898D8A
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 1AF5AF1D6817A33A04A4CE803A9D9D28
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=c5ehczpmgp3r&region=US&forceShow=false&skipCampaigns=false&sessionId=944c4ab3-cedc-410a-8a8f-af6e70abe255&sessionStarted=1637686258.8&campaignRefreshToken=81e696ed-7b1d-4d4b-8f85-d0bab77ca7c3&hideController=false&pageLoadStartTime=1637686257393&mode=CHAT&driftEnableLog=false
Frame ID: F874BA878F5F74F80D9C6465A6369B91
Requests: 33 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393
Frame ID: E1D6F230533D33ED33A0E2B34A47E710
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PPE (Personal protective equipment) / Kits & Safety Supplies - We Shield

Page URL History Show full URLs

https://order.weshield.us/e3t/Btc/RI*2286/cZZj304/VV-rHB30-Fm5W8y5cgz3Q1bhsW8kTzPf4Bdxz9N8SvFDB3lLzNV1... Page URL
https://order.weshield.us/events/public/v1/encoded/track/tc/RI*2286/cZZj304/VV-rHB30-Fm5W8y5cgz3Q1bhsW... HTTP 307
https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCd... Page URL

Page Statistics

174
Requests

94 %
HTTPS

50 %
IPv6

39
Domains

52
Subdomains

38
IPs

2
Countries

2957 kB
Transfer

7189 kB
Size

67
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://shop.weshield.us/
Title: Products

Search URL Search Domain Scan URL

URL: https://shop.weshield.us/shop/category/optec-17
Title: <img width="960" height="430" src="https://weshield.us/wp-content/uploads/2021/09/ABT-86822-BnxNW-COVID-19-Group-QR-05cTD-960x430-1.jpg" class="attachment-1536x1536 size-1536x1536" alt="" srcset="https://weshield.us/wp-content/uploads/2021/09/ABT-86822-BnxNW-COVID-19-Group-QR-05cTD-960x430-1.jpg 960w, https://weshield.us/wp-content/uploads/2021/09/ABT-86822-BnxNW-COVID-19-Group-QR-05cTD-960x430-1-300x134.jpg 300w, https://weshield.us/wp-content/uploads/2021/09/ABT-86822-BnxNW-COVID-19-Group-QR-05cTD-960x430-1-768x344.jpg 768w" sizes="(max-width: 960px) 100vw, 960px" />

Search URL Search Domain Scan URL

URL: https://weshield-1.hubspotpagebuilder.com/generalwebsite?__hstc=154496103.788a7f2593cb72e229a1d85e8db41f7d.1637686258815.1637686258815.1637686258815.1&__hssc=154496103.1.1637686258815&__hsfp=808429732
Title: Contact a specialist

Search URL Search Domain Scan URL

URL: https://shop.weshield.us/shop/category/masks-1
Title: <img width="530" height="530" src="https://weshield.us/wp-content/uploads/2020/07/3ply-mask.jpg" class="attachment-full size-full" alt="" srcset="https://weshield.us/wp-content/uploads/2020/07/3ply-mask.jpg 530w, https://weshield.us/wp-content/uploads/2020/07/3ply-mask-300x300.jpg 300w, https://weshield.us/wp-content/uploads/2020/07/3ply-mask-150x150.jpg 150w" sizes="(max-width: 530px) 100vw, 530px" />

Search URL Search Domain Scan URL

URL: https://shop.weshield.us/shop/category/safety-glasses-6
Title: <img width="530" height="530" src="https://weshield.us/wp-content/uploads/2020/07/protective-glass.jpg" class="attachment-full size-full" alt="" srcset="https://weshield.us/wp-content/uploads/2020/07/protective-glass.jpg 530w, https://weshield.us/wp-content/uploads/2020/07/protective-glass-300x300.jpg 300w, https://weshield.us/wp-content/uploads/2020/07/protective-glass-150x150.jpg 150w" sizes="(max-width: 530px) 100vw, 530px" />

Search URL Search Domain Scan URL

URL: https://shop.weshield.us/shop/category/gloves-2
Title: <img width="530" height="530" src="https://weshield.us/wp-content/uploads/2020/07/gloves.jpg" class="attachment-full size-full" alt="" srcset="https://weshield.us/wp-content/uploads/2020/07/gloves.jpg 530w, https://weshield.us/wp-content/uploads/2020/07/gloves-300x300.jpg 300w, https://weshield.us/wp-content/uploads/2020/07/gloves-150x150.jpg 150w" sizes="(max-width: 530px) 100vw, 530px" />

Search URL Search Domain Scan URL

URL: https://shop.weshield.us/shop/category/face-shields-3
Title: <img width="530" height="530" src="https://weshield.us/wp-content/uploads/2020/06/face-shield.jpg" class="attachment-full size-full" alt="" srcset="https://weshield.us/wp-content/uploads/2020/06/face-shield.jpg 530w, https://weshield.us/wp-content/uploads/2020/06/face-shield-300x300.jpg 300w, https://weshield.us/wp-content/uploads/2020/06/face-shield-150x150.jpg 150w, https://weshield.us/wp-content/uploads/2020/06/face-shield-100x100.jpg 100w" sizes="(max-width: 530px) 100vw, 530px" />

Search URL Search Domain Scan URL

URL: https://shop.weshield.us/shop/category/wipes-sanitizers-7
Title: <img width="530" height="530" src="https://weshield.us/wp-content/uploads/2020/07/wipes.jpg" class="attachment-full size-full" alt="" srcset="https://weshield.us/wp-content/uploads/2020/07/wipes.jpg 530w, https://weshield.us/wp-content/uploads/2020/07/wipes-300x300.jpg 300w, https://weshield.us/wp-content/uploads/2020/07/wipes-150x150.jpg 150w" sizes="(max-width: 530px) 100vw, 530px" />

Search URL Search Domain Scan URL

URL: https://shop.weshield.us/shop/category/gowns-4
Title: <img width="530" height="530" src="https://weshield.us/wp-content/uploads/2020/07/gown1.jpg" class="attachment-full size-full" alt="" srcset="https://weshield.us/wp-content/uploads/2020/07/gown1.jpg 530w, https://weshield.us/wp-content/uploads/2020/07/gown1-300x300.jpg 300w, https://weshield.us/wp-content/uploads/2020/07/gown1-150x150.jpg 150w" sizes="(max-width: 530px) 100vw, 530px" />

Search URL Search Domain Scan URL

URL: https://shop.weshield.us/shop/category/personal-protective-equipment-8
Title: <img width="530" height="530" src="https://weshield.us/wp-content/uploads/2020/07/pro-equipement.jpg" class="attachment-full size-full" alt="" srcset="https://weshield.us/wp-content/uploads/2020/07/pro-equipement.jpg 530w, https://weshield.us/wp-content/uploads/2020/07/pro-equipement-300x300.jpg 300w, https://weshield.us/wp-content/uploads/2020/07/pro-equipement-150x150.jpg 150w" sizes="(max-width: 530px) 100vw, 530px" />

Search URL Search Domain Scan URL

URL: https://shop.weshield.us/shop/category/gowns-reusable-gowns-5
Title: <img width="530" height="530" src="https://weshield.us/wp-content/uploads/2020/07/gown2.jpg" class="attachment-full size-full" alt="" srcset="https://weshield.us/wp-content/uploads/2020/07/gown2.jpg 530w, https://weshield.us/wp-content/uploads/2020/07/gown2-300x300.jpg 300w, https://weshield.us/wp-content/uploads/2020/07/gown2-150x150.jpg 150w" sizes="(max-width: 530px) 100vw, 530px" />

Search URL Search Domain Scan URL

URL: https://www.facebook.com/weshield.us/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/weshield-ppe/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/weshield.social/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://order.weshield.us/e3t/Btc/RI*2286/cZZj304/VV-rHB30-Fm5W8y5cgz3Q1bhsW8kTzPf4Bdxz9N8SvFDB3lLzNV1-WJV7CgQ1FW2bf1CG9dXjYFW7R9l174s_WsjW3_Mz8b6yBxqmW8pxDrD8LsDnRW8xyWm13p2SN_W8qMfr81VlD6gW7T6GQg4h-8c9N3--G3Jt3CYLN8XRJMqzc1GvW7ZrbqF4jFCmFW599XmS3zxLwBW30WqQ84MWn2xW91fLKd14dY6HW2gZvlS8h8-m2W7kvp1M4wbxFGW5CFbWq6WKWGpW7bqGvj31VmsRW5N34HJ7j81Yw3hTK1 Page URL
https://order.weshield.us/events/public/v1/encoded/track/tc/RI*2286/cZZj304/VV-rHB30-Fm5W8y5cgz3Q1bhsW8kTzPf4Bdxz9N8SvFDB3lLzNV1-WJV7CgQ1FW2bf1CG9dXjYFW7R9l174s_WsjW3_Mz8b6yBxqmW8pxDrD8LsDnRW8xyWm13p2SN_W8qMfr81VlD6gW7T6GQg4h-8c9N3--G3Jt3CYLN8XRJMqzc1GvW7ZrbqF4jFCmFW599XmS3zxLwBW30WqQ84MWn2xW91fLKd14dY6HW2gZvlS8h8-m2W7kvp1M4wbxFGW5CFbWq6WKWGpW7bqGvj31VmsRW5N34HJ7j81Yw3hTK1?_ud=7db96ecb-8614-4f43-8e29-cb3467ec4202&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p HTTP 307
https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://pxl.iqm.com/c/8ef1996d-6f11-4a61-9042-930897f28425 HTTP 302
https://pxl.iqm.com/i/cookie/service/redirect?tagId=8ef1996d-6f11-4a61-9042-930897f28425

Request Chain 55

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3060457&time=1637686257899&url=https%3A%2F%2Fweshield.us%2F%3Futm_medium%3Demail%26_hsmi%3D186353448%26_hsenc%3Dp2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw%26utm_content%3D186353448%26utm_source%3Dhs_automation HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3060457&time=1637686257899&url=https%3A%2F%2Fweshield.us%2F%3Futm_medium%3Demail%26_hsmi%3D186353448%26_hsenc%3Dp2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw%26utm_content%3D186353448%26utm_source%3Dhs_automation&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3060457%26time%3D1637686257899%26url%3Dhttps%253A%252F%252Fweshield.us%252F%253Futm_medium%253Demail%2526_hsmi%253D186353448%2526_hsenc%253Dp2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw%2526utm_content%253D186353448%2526utm_source%253Dhs_automation%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3060457&time=1637686257899&url=https%3A%2F%2Fweshield.us%2F%3Futm_medium%3Demail%26_hsmi%3D186353448%26_hsenc%3Dp2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw%26utm_content%3D186353448%26utm_source%3Dhs_automation&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3060457&time=1637686257899&url=https%3A%2F%2Fweshield.us%2F%3Futm_medium%3Demail%26_hsmi%3D186353448%26_hsenc%3Dp2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw%26utm_content%3D186353448%26utm_source%3Dhs_automation&cookiesTest=true&liSync=true&e_ipv6=AQIQRvbvXtFmzwAAAX1NtSrdLxYvQBWjGHubNoWGkl1k5HQIbcEkx-48Ij9ApaHWpZg8bd2xBw8 HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=133eace5-a241-42b5-8d51-5b581b313a9f HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=133eace5-a241-42b5-8d51-5b581b313a9f&_expected_cookie=3cda6bfd4409f5cc0c88bf3ec4f7b3ae

Request Chain 56

https://s.adroll.com/j/exp/QMNMPUQDDBBSXKRLZCC4BD/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 64

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=178&external_user_id=12c26463-0c04-4e61-8ff5-b8222d2d729b&cb=https://pxl.iqm.com/i/ck/indexch?cmid= HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fpxl.iqm.com%2Fi%2Fck%2Findexch%3Fcmid%3D&cm_dsp_id=178&external_user_id=12c26463-0c04-4e61-8ff5-b8222d2d729b&C=1 HTTP 302
https://pxl.iqm.com/i/ck/indexch?cmid=YZ0b8vcSmKcma7DZKhhl5QAA

Request Chain 65

https://idsync.rlcdn.com/709732.gif?partner_uid=12c26463-0c04-4e61-8ff5-b8222d2d729b HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=COSoKxIwCiwIARClyAkaJDEyYzI2NDYzLTBjMDQtNGU2MS04ZmY1LWI4MjIyZDJkNzI5YhAAGg0I8rf0jAYSBQjoBxAAQgBKAA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=c1731521742c4a86ce016b306ee948ad4a3d5a4c35b982666ae5963f9acad79e791426b5417dce21&_=2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBjMTczMTUyMTc0MmM0YTg2Y2UwMTZiMzA2ZWU5NDhhZDRhM2Q1YTRjMzViOTgyNjY2YWU1OTYzZjlhY2FkNzllNzkxNDI2YjU0MTdkY2UyMRAAGgwI8rf0jAYSBAgCEABCAEoA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBjMTczMTUyMTc0MmM0YTg2Y2UwMTZiMzA2ZWU5NDhhZDRhM2Q1YTRjMzViOTgyNjY2YWU1OTYzZjlhY2FkNzllNzkxNDI2YjU0MTdkY2UyMRAAGgwI8rf0jAYSBAgCEABCAEoA&google_gid=CAESEMiq9o3rPGya4YAGNL68zK8&google_cver=1 HTTP 307
https://usermatch.krxd.net/um/v2?partner=liveramp_identity HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp_identity

Request Chain 66

https://cm.g.doubleclick.net/pixel?google_nid=iqm&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=iqm&google_cm=&google_tc= HTTP 302
https://pxl.iqm.com/i/ck/adx?google_gid=CAESECXG9KL6gC8TuUxSfvhtnkY&google_cver=1

Request Chain 67

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzM4MiZ0bD0xMjk2MDA%3D%26piggybackCookie%3D12c26463-0c04-4e61-8ff5-b8222d2d729b%26r%3Dhttps%3A%2F%2Fpxl.iqm.com%2Fi%2Fck%2Fpubmatic%3Fpuid%3D%24%7BPUBMATIC_UID%7D HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzM4MiZ0bD0xMjk2MDA%3D%26piggybackCookie%3D12c26463-0c04-4e61-8ff5-b8222d2d729b%26r%3Dhttps%3A%2F%2Fpxl.iqm.com%2Fi%2Fck%2Fpubmatic%3Fpuid%3D%24%7BPUBMATIC_UID%7D&rdf=1 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzM4MiZ0bD0xMjk2MDA=&piggybackCookie=12c26463-0c04-4e61-8ff5-b8222d2d729b&r=https://pxl.iqm.com/i/ck/pubmatic?puid=${PUBMATIC_UID} HTTP 302
https://pxl.iqm.com/i/ck/pubmatic?puid=E646101E-1B21-4DA2-90F2-09136B67D553

Request Chain 68

https://partners.tremorhub.com/sync?UIIQ=12c26463-0c04-4e61-8ff5-b8222d2d729b HTTP 302
https://pxl.iqm.com/i/ck/telaria?cid=32e7dcec4b2a4cd9b569ac125a99d12f&UIIQ=12c26463-0c04-4e61-8ff5-b8222d2d729b

Request Chain 69

https://pixel.advertising.com/ups/58163/sync?uid=12c26463-0c04-4e61-8ff5-b8222d2d729b&gdpr=&gdpr_consent=&_origin=1&redir=true HTTP 302
https://pixel.advertising.com/ups/58163/sync?uid=12c26463-0c04-4e61-8ff5-b8222d2d729b&gdpr=&gdpr_consent=&_origin=1&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58163/sync?uid=12c26463-0c04-4e61-8ff5-b8222d2d729b&gdpr=&gdpr_consent=&_origin=1&redir=true&apid=UP88310716-4c7d-11ec-90e3-0e5762b885b3 HTTP 302
https://ups.analytics.yahoo.com/ups/58163/sync?uid=12c26463-0c04-4e61-8ff5-b8222d2d729b&gdpr=&gdpr_consent=&_origin=1&redir=true&apid=UP88310716-4c7d-11ec-90e3-0e5762b885b3&verify=true HTTP 302
https://pxl.iqm.com/i/ck/onevideo?uid=UP88310716-4c7d-11ec-90e3-0e5762b885b3

Request Chain 70

https://sync.search.spotxchange.com/partner?adv_id=8113&uid=12c26463-0c04-4e61-8ff5-b8222d2d729b HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8113&uid=12c26463-0c04-4e61-8ff5-b8222d2d729b&__user_check__=1&sync_id=884333b1-4c7d-11ec-8489-1b1a35d30103

174 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VV-rHB30-Fm5W8y5cgz3Q1bhsW8kTzPf4Bdxz9N8SvFDB3lLzNV1-WJV7CgQ1FW2bf1CG9dXjYFW7R9l174s_WsjW3_Mz8b6yBxqmW8pxDrD8LsDnRW8xyWm13p2SN_W8qMfr81VlD6gW7T6GQg4h-8c9N3--G3Jt3CYLN8XRJMqzc1GvW7ZrbqF4jFCmFW599XmS... Show response
order.weshield.us/e3t/Btc/RI*2286/cZZj304/ 9 KB
3 KB 280ms
159ms Document
text/html 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://order.weshield.us/e3t/Btc/RI*2286/cZZj304/VV-rHB30-Fm5W8y5cgz3Q1bhsW8kTzPf4Bdxz9N8SvFDB3lLzNV1-WJV7CgQ1FW2bf1CG9dXjYFW7R9l174s_WsjW3_Mz8b6yBxqmW8pxDrD8LsDnRW8xyWm13p2SN_W8qMfr81VlD6gW7T6GQg4h-8c9N3--G3Jt3CYLN8XRJMqzc1GvW7ZrbqF4jFCmFW599XmS3zxLwBW30WqQ84MWn2xW91fLKd14dY6HW2gZvlS8h8-m2W7kvp1M4wbxFGW5CFbWq6WKWGpW7bqGvj31VmsRW5N34HJ7j81Yw3hTK1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 632b56e1be6d3c41afdfb4b5f537e8f1f9ff0682db9760111947ffefd82eacb0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9

Response headers

date: Tue, 23 Nov 2021 16:50:56 GMT
content-type: text/html;charset=utf-8
cf-ray: 6b2be63bfb6329a9-ORD
last-modified: Tue, 23 Nov 2021 16:50:56 GMT
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 65fc0ad4-0de4-49be-838d-0208579146ce
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2F8pxjq%2BFQSHGl1Z1CsHcjFpGdcLFDBiGi7vdaEjk75mHLZxqH%2Fiziy%2BY6xXbs3u%2BCK32lrGCr6PoV6D72gkmNtkyCkUy4DeEs5RPp0p9FdJb3PZdYq4Jw0o3rqQXKmr4QHdCRyNTrudyyloRGKy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request / Show response
weshield.us/
Redirect Chain

https://order.weshield.us/events/public/v1/encoded/track/tc/RI*2286/cZZj304/VV-rHB30-Fm5W8y5cgz3Q1bhsW8kTzPf4Bdxz9N8SvFDB3lLzNV1-WJV7CgQ1FW2bf1CG9dXjYFW7R9l174s_WsjW3_Mz8b6yBxqmW8pxDrD8LsDnRW8xyWm1...
https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=18...

102 KB
17 KB

1042ms
932ms

Document
text/html

45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Requested by: Host: order.weshield.us
URL: https://order.weshield.us/e3t/Btc/RI*2286/cZZj304/VV-rHB30-Fm5W8y5cgz3Q1bhsW8kTzPf4Bdxz9N8SvFDB3lLzNV1-WJV7CgQ1FW2bf1CG9dXjYFW7R9l174s_WsjW3_Mz8b6yBxqmW8pxDrD8LsDnRW8xyWm13p2SN_W8qMfr81VlD6gW7T6GQg4h-8c9N3--G3Jt3CYLN8XRJMqzc1GvW7ZrbqF4jFCmFW599XmS3zxLwBW30WqQ84MWn2xW91fLKd14dY6HW2gZvlS8h8-m2W7kvp1M4wbxFGW5CFbWq6WKWGpW7bqGvj31VmsRW5N34HJ7j81Yw3hTK1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: 2bff2381a23550d2b7b78f16b83cc1c7f7d9cfca47f90cb548eeeb7638038089

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://order.weshield.us/e3t/Btc/RI*2286/cZZj304/VV-rHB30-Fm5W8y5cgz3Q1bhsW8kTzPf4Bdxz9N8SvFDB3lLzNV1-WJV7CgQ1FW2bf1CG9dXjYFW7R9l174s_WsjW3_Mz8b6yBxqmW8pxDrD8LsDnRW8xyWm13p2SN_W8qMfr81VlD6gW7T6GQg4h-8c9N3--G3Jt3CYLN8XRJMqzc1GvW7ZrbqF4jFCmFW599XmS3zxLwBW30WqQ84MWn2xW91fLKd14dY6HW2gZvlS8h8-m2W7kvp1M4wbxFGW5CFbWq6WKWGpW7bqGvj31VmsRW5N34HJ7j81Yw3hTK1

Response headers

server: nginx
date: Tue, 23 Nov 2021 16:50:57 GMT
content-type: text/html; charset=UTF-8
content-length: 16813
link: <https://weshield.us/wp-json/>; rel="https://api.w.org/", <https://weshield.us/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json", <https://weshield.us/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=0
expires: Tue, 23 Nov 2021 16:50:56 GMT

Redirect headers

date: Tue, 23 Nov 2021 16:50:56 GMT
location: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
cf-ray: 6b2be63d1db629a9-ORD
link: <https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 6598a053-c6b0-424d-8c45-23a13585b566
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ZF21Onka5uo4aH1YFHBvJa62igolA11GH5970kxIG15bQYH8sf6InORwz7QJp8lSvEFx0UVDxaoYAhEOFWpqF7VY1nZDi3vok%2FrPDzKlBBZ5mBsyBi0vDpDZbFEjSSZj2iUAE6Q2OpLwSph5T4v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 autoptimize_b8dbe53f6f62acccd56e10201aa31a33.css
weshield.us/wp-content/cache/autoptimize/css/ 470 KB
84 KB 58ms
57ms Stylesheet
text/css 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://weshield.us/wp-content/cache/autoptimize/css/autoptimize_b8dbe53f6f62acccd56e10201aa31a33.css
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: 405756f9ef34f84e175d971f7875fac945507261dcc039e996dbc367ebae82f6

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:57 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 14:05:29 GMT
server: nginx
etag: W/"60bf7929-757b5"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000

GET
H2 200 cb70d11b8.min.css
weshield.us/wp-content/uploads/essential-addons-elementor/ 97 KB
11 KB 99ms
97ms Stylesheet
text/css 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://weshield.us/wp-content/uploads/essential-addons-elementor/cb70d11b8.min.css?ver=1637686256
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: 2ad119adbf41e14691f915062e737af81b5ab62eba5a972fc9509d778ac0e215

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:57 GMT
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 21:55:00 GMT
server: nginx
etag: W/"6196cbb4-183af"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
1 KB 146ms
56ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Jost%3Aital%2Cwght%400%2C300%3B0%2C400%3B0%2C500%3B0%2C600%3B0%2C700%3B0%2C800%3B1%2C300%3B1%2C400%3B1%2C500%3B1%2C700&display=swap&ver=1.0

Requested by

Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1b25f71e2d65584cc8e9136865d34f9900b9f19033c45462869740feb1ca4913

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 16:50:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Nov 2021 16:50:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Nov 2021 16:50:57 GMT

GET
H2 200 autoptimize_single_755aae1b3daed12ebba01d4343d5dd90.css
weshield.us/wp-content/cache/autoptimize/css/ 937 B
478 B 99ms
97ms Stylesheet
text/css 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://weshield.us/wp-content/cache/autoptimize/css/autoptimize_single_755aae1b3daed12ebba01d4343d5dd90.css?ver=1637160606
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: 1ebef2210345f570430d0baeb0be8bcbb7608236780a61f3c9d000af835ee45e

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:57 GMT
content-encoding: gzip
last-modified: Wed, 17 Nov 2021 14:50:42 GMT
server: nginx
etag: W/"619516c2-3a9"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000

GET
H2 200 autoptimize_single_b180108c653a15c4a2b0c2182c14b0b9.css
weshield.us/wp-content/cache/autoptimize/css/ 6 KB
893 B 99ms
98ms Stylesheet
text/css 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://weshield.us/wp-content/cache/autoptimize/css/autoptimize_single_b180108c653a15c4a2b0c2182c14b0b9.css?ver=1620705815
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: 0a455faee413910c4069f4b2aa3a264087b269469b64817b85243cbf6d464f97

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:57 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 19:05:04 GMT
server: nginx
etag: W/"60a6b2e0-1705"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000

GET
H2 200 autoptimize_single_1e50e736a26362da8eba20b8064354aa.css
weshield.us/wp-content/cache/autoptimize/css/ 40 KB
3 KB 99ms
98ms Stylesheet
text/css 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://weshield.us/wp-content/cache/autoptimize/css/autoptimize_single_1e50e736a26362da8eba20b8064354aa.css?ver=1636577989
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: 2582bc50c10ceef617a54a610acd1290a1988fa62b8439e215de57e19d438d9f

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:57 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 19:42:37 GMT
server: nginx
etag: W/"6182e62d-a040"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000

GET
H2 200 css
fonts.googleapis.com/ 42 KB
2 KB 159ms
70ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.7.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c14b6ecea28d110fbf307fa31e248c1eca0e7b6e5895b462ba1782906ea54307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 16:08:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Nov 2021 16:50:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Nov 2021 16:50:57 GMT

GET
H2 200 jquery.min.js Show response
weshield.us/wp-includes/js/jquery/ 87 KB
30 KB 99ms
98ms Script
application/javascript 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://weshield.us/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:57 GMT
content-encoding: gzip
last-modified: Tue, 26 Jan 2021 16:48:58 GMT
server: nginx
etag: W/"601047fa-15d98"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 214ms
124ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-169184952-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d951742d66a387e5dd3e7360b667334bafb987b70a463897948ace5536bd378a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36134
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 Nov 2021 16:50:57 GMT

GET
H2

200

redirect Show response
pxl.iqm.com/i/cookie/service/
Redirect Chain

https://pxl.iqm.com/c/8ef1996d-6f11-4a61-9042-930897f28425
https://pxl.iqm.com/i/cookie/service/redirect?tagId=8ef1996d-6f11-4a61-9042-930897f28425

1 KB
2 KB

53ms
53ms

Script
text/javascript

2600:1f18:765:4800:7681:18d0:4c60:ba77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pxl.iqm.com/i/cookie/service/redirect?tagId=8ef1996d-6f11-4a61-9042-930897f28425
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: H2
Server: 2600:1f18:765:4800:7681:18d0:4c60:ba77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 5147ed58cf763633c7a305305d671150a8afd56a99b71d7ede3fb8f2eb21db2f

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:57 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1280

Redirect headers

date: Tue, 23 Nov 2021 16:50:57 GMT
server: nginx
location: https://pxl.iqm.com/i/cookie/service/redirect?tagId=8ef1996d-6f11-4a61-9042-930897f28425
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 88

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/QMNMPUQDDBBSXKRLZCC4BD/ 51 KB
16 KB 152ms
66ms Script
text/javascript 2600:9000:21da:d200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/QMNMPUQDDBBSXKRLZCC4BD/roundtrip.js
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:d200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 61b0595bf7a781bfe65f3b810966b111b4e65946dead4dd4fa797f9ec95677e7

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-Amz-Version-Id: pJQ8zV_gJSIr2HDYXd7H0fhzWAGJCohO
Content-Encoding: gzip
Etag: W/"f5e4c5d542e4ad00425a8508513d8404"
X-Amz-Cf-Pop: EWR53-C1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Access-Control-Max-Age: 600
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Sat, 20 Nov 2021 23:19:33 GMT
Server: AmazonS3
Date: Tue, 23 Nov 2021 16:50:57 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Via: 1.1 a74c33aabb438b6226856fa442878fa2.cloudfront.net (CloudFront)
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: FoL5RhcTE51NrJ4XRrQNy5BUmyBGJz46ABiLZPppLYykD9LIyjoPMg==

GET
H2 200 lazysizes.min.js Show response
weshield.us/wp-content/plugins/autoptimize/classes/external/js/ 10 KB
4 KB 47ms
44ms Script
application/javascript 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://weshield.us/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.8.4
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:57 GMT
content-encoding: gzip
last-modified: Tue, 11 May 2021 03:58:34 GMT
server: nginx
etag: W/"609a00ea-2655"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000

GET
H2 200 wp-polyfill.min.js Show response
weshield.us/wp-includes/js/dist/vendor/ 97 KB
34 KB 95ms
95ms Script
application/javascript 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://weshield.us/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:57 GMT
content-encoding: gzip
last-modified: Tue, 26 Jan 2021 16:48:58 GMT
server: nginx
etag: W/"601047fa-183ee"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
1000 B 162ms
63ms Script
text/javascript 2607:f8b0:4006:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdjN6MZAAAAAHhSWxPa_NR800c-MW6tyACV9qjd&ver=3.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1d0944298198084550d6b8bcca6c193de4dc8990adc909df1eaaca54bc64e1f2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 587
x-xss-protection: 1; mode=block
expires: Tue, 23 Nov 2021 16:50:57 GMT

GET
H2 200 8180247.js Show response
js.hs-scripts.com/ 2 KB
968 B 88ms
32ms Script
application/javascript 2606:4700::6811:d5cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/8180247.js
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3140db317c7e3cc3d55edd428d0f6e0e3f3fa58c4198b31a341cdc68e88d3d84

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:57 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 54
cf-polished: origSize=2016
x-hubspot-correlation-id: 7269df2e-47b8-411f-82f0-5d8f2a293e5f
last-modified: Tue, 23 Nov 2021 16:50:03 GMT
server: cloudflare
x-trace: 2B66C16E11CF402E86F6DC52938E2B62A87BA9A309000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://weshield.us
expires: Tue, 23 Nov 2021 16:51:57 GMT
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6b2be6465a6c2a15-ORD
cf-bgj: minify

GET
H2 200 autoptimize_295a3b70d6858d999c9e3f4c97b7ed04.js Show response
weshield.us/wp-content/cache/autoptimize/js/ 502 KB
141 KB 55ms
51ms Script
application/javascript 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://weshield.us/wp-content/cache/autoptimize/js/autoptimize_295a3b70d6858d999c9e3f4c97b7ed04.js
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: 62d8220ed22b01985fd211e746c8be9f8d2df54543d9cd32d50d61d65d1bde91

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:57 GMT
content-encoding: gzip
last-modified: Fri, 13 Aug 2021 18:40:57 GMT
server: nginx
etag: W/"6116bcb9-7d6a4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000

GET
H2 200 wp-emoji-release.min.js Show response
weshield.us/wp-includes/js/ 14 KB
5 KB 82ms
79ms Script
application/javascript 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://weshield.us/wp-includes/js/wp-emoji-release.min.js?ver=5.7.4
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:57 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 03:48:35 GMT
server: nginx
etag: W/"601b6e93-3795"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 173 KB
62 KB 150ms
73ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K3C3B6G

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ecffb9636a70f675c81ff0fa8ed55ade2a714a0aab59354a880f7b303e655aaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62938
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 Nov 2021 16:50:57 GMT

GET
H/1.1 200
OK 6si.min.js Show response
j.6sc.co/ 27 KB
9 KB 162ms
49ms Script
application/javascript 23.217.47.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.47.10 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-47-10.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

2707e48726a3f7ec48a1d1aec9738f20b36bac1535cfa9de2e4d92310c4e7e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 16:50:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 8575
Pragma: no-cache
Last-Modified: Thu, 07 Oct 2021 17:17:43 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615f2bb7-6a5f"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin
Cache-Control: private, no-cache, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Tue, 23 Nov 2021 16:50:57 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 133ms
43ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: WG02TuaOeN0RUkKY2mwn6lhVI8dmI+FATgf3AyObf+QkOx6UKmZyzxs0bhWw+Lib9UzAp+6nuAuPs2wvx26/4Q==
x-fb-trip-id: 1512268381
x-frame-options: DENY
date: Tue, 23 Nov 2021 16:50:57 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=5,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 c5ehczpmgp3r.js Show response
js.driftt.com/include/1637686500000/ 218 KB
62 KB 256ms
84ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1637686500000/c5ehczpmgp3r.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

67193e1f8b13691632f81cb4ff92b09955e911cb7760b990eff3c1c258f02266

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: sUxHf9xgcpk8tCBmFbUB42ClXLES_ITY
content-encoding: gzip
etag: W/"c722ecfa8c7c3bf3cbfc80ed0fb8531e"
x-amz-cf-pop: EWR53-C2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 20:20:52 GMT
server: nginx
date: Tue, 23 Nov 2021 16:50:57 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FPh8OjNNXMG2aKyjwOFsYBEhm8bA708TjQzy4Z0yHYxWqM3MbY78aA==

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 151ms
47ms Script
application/x-javascript 2600:141b:13::17d7:82d0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82d0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency: 303
Date: Tue, 23 Nov 2021 16:50:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
X-EdgeConnect-MidMile-RTT: 1
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=76500
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ece2ea917173b654d1f26ab6e1eeb0ec7fdb663cf9dc18adc21a4eab44c678b8

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 321a6f842fe9c5190e26175b4b0c7f9c2b11a025f8fdcedd5db6fb88d81052ef

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 887de514c0974fe759d686e940be036f69f9f01c825f52faea931c77f3647e0e

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da24ab18f3c082e3ba6fcaf7054aeb3e90bf2dbc9e56fe04665d7fd326aefdac

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16df4194f430d82cb351d6054ec71cff7a8e33dae69966b074cea33b00fc63c3

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04c1af3c389b84dd206933a70cf91d2d89970f44bb82ecdfe8b9043fa340acf3

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5df6995e2295bbd2f81292b93b770d8cab2980c77677fe73d256bad4339a080b

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cdd2f2497d176d6b6dcad9441dbaf87804ff76715bb76a71cce055b10cd8dcb4

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7272f8564a12844c4c9f0a982d68c531647bf4a7a261eaaa6150ce6c716fa8f5

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 79 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d81837ed26f36e57ad495d70300698ccbebffae8f69b264f131904f4e36e686a

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 homepage-bg.jpg
weshield.us/wp-content/uploads/2020/05/ 40 KB
41 KB 64ms
64ms Image
image/jpeg 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weshield.us/wp-content/uploads/2020/05/homepage-bg.jpg
Requested by: Host: weshield.us
URL: https://weshield.us/wp-content/cache/autoptimize/css/autoptimize_single_1e50e736a26362da8eba20b8064354aa.css?ver=1636577989
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: 087fd77b47d9a5e64a7369ca83efdd7eee99fa05e173b424ea70f91fb40fae1e

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/wp-content/cache/autoptimize/css/autoptimize_single_1e50e736a26362da8eba20b8064354aa.css?ver=1636577989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:57 GMT
last-modified: Sat, 13 Jun 2020 06:17:42 GMT
server: nginx
etag: "5ee46f86-a1b6"
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 41398

GET
H2 200 logo-background@2x.png
weshield.us/wp-content/uploads/2020/05/ 66 KB
66 KB 68ms
68ms Image
image/png 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weshield.us/wp-content/uploads/2020/05/logo-background@2x.png
Requested by: Host: weshield.us
URL: https://weshield.us/wp-content/cache/autoptimize/css/autoptimize_single_1e50e736a26362da8eba20b8064354aa.css?ver=1636577989
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: e94bfa51996a1426c945b1aca8607a1282945b0decd7e30688baad737f9ff790

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/wp-content/cache/autoptimize/css/autoptimize_single_1e50e736a26362da8eba20b8064354aa.css?ver=1636577989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:57 GMT
last-modified: Mon, 25 May 2020 12:10:10 GMT
server: nginx
etag: "5ecbb5a2-10686"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 67206

GET
H2 200 92zatBhPNqw73oTd4g.woff2
fonts.gstatic.com/s/jost/v9/ 26 KB
26 KB 132ms
43ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/jost/v9/92zatBhPNqw73oTd4g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Jost%3Aital%2Cwght%400%2C300%3B0%2C400%3B0%2C500%3B0%2C600%3B0%2C700%3B0%2C800%3B1%2C300%3B1%2C400%3B1%2C500%3B1%2C700&display=swap&ver=1.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5f9fabf5def6c14f22f8bb87dbea8bab02c4a336f7c184ead31aaddca428197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://weshield.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:05:11 GMT
x-content-type-options: nosniff
age: 359146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26372
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 17:14:35 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:05:11 GMT

GET
H2 200 92zUtBhPNqw73oHt4D4h.woff2
fonts.gstatic.com/s/jost/v9/ 30 KB
30 KB 160ms
72ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/jost/v9/92zUtBhPNqw73oHt4D4h.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d43152ad46b5f66eee36e2b65ce41dc027e33f9ddade0d66b9b70ba72d401e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://weshield.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 11:29:54 GMT
x-content-type-options: nosniff
age: 19263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30404
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 17:15:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 11:29:54 GMT

GET
H2 200 fa-solid-900.woff2
weshield.us/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 78 KB
79 KB 69ms
69ms Font
application/font-woff2 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://weshield.us/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: weshield.us
URL: https://weshield.us/wp-content/cache/autoptimize/css/autoptimize_b8dbe53f6f62acccd56e10201aa31a33.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: 6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Request headers

Referer: https://weshield.us/wp-content/cache/autoptimize/css/autoptimize_b8dbe53f6f62acccd56e10201aa31a33.css
Origin: https://weshield.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:57 GMT
last-modified: Tue, 11 May 2021 03:58:42 GMT
server: nginx
etag: "609a00f2-139ac"
content-type: application/font-woff2
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 80300

GET
H2 200 fa-brands-400.woff2
weshield.us/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 77 KB
77 KB 69ms
68ms Font
application/font-woff2 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://weshield.us/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Requested by: Host: weshield.us
URL: https://weshield.us/wp-content/cache/autoptimize/css/autoptimize_b8dbe53f6f62acccd56e10201aa31a33.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: 71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba

Request headers

Referer: https://weshield.us/wp-content/cache/autoptimize/css/autoptimize_b8dbe53f6f62acccd56e10201aa31a33.css
Origin: https://weshield.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:57 GMT
last-modified: Tue, 11 May 2021 03:58:42 GMT
server: nginx
etag: "609a00f2-1327c"
content-type: application/font-woff2
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 78460

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ 343 KB
135 KB 146ms
52ms Script
text/javascript 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdjN6MZAAAAAHhSWxPa_NR800c-MW6tyACV9qjd&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7511f403bc5d8cdd240bbdb02c5848775e0f89f6dd952e70675d22fd434e1b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weshield.us/
Origin: https://weshield.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52499
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137335
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 23 Nov 2022 02:15:58 GMT

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5bfdadb862578871e37676d3ef1ba825baa2a433f968842ac8ff00bb3082819f

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 81 KB
26 KB 102ms
50ms Script
application/javascript 2606:4700::6811:83ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8180247.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:83ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1af7c1efd2f6f83030af415ea774873724796ca483fe2d988d88dc9dda636d12

Request headers

Referer: https://weshield.us/
Origin: https://weshield.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:57 GMT
via: 1.1 040f8a2cdffe1cf7a35d28e06c3ed574.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 10602
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.251/bundles/project.js&cfRay=6b2ae36fce512d9a-ORD
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 6b2be6472f6e2d40-ORD
last-modified: Mon, 22 Nov 2021 09:17:52 UTC
server: cloudflare
etag: W/"6a8745b6167e133336b416f02a4eff01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: RBJclZzwBhUO2vaoWID2wjbaSKY8y0ZN
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: hS2Y99KG5up7pqUKL8u_Fk5Q2E-aYRS-2gJMvrG1eb8MLTaeptFUMw==
x-hs-target-asset: collected-forms-embed-js/static-1.251/bundles/project.js

GET
H2 200 8180247.js Show response
js.hs-analytics.net/analytics/1637686200000/ 62 KB
20 KB 233ms
178ms Script
text/javascript 2606:4700::6811:45b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1637686200000/8180247.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8180247.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f643c0d3056c03d095fbbc8f850a1e431dd9162484430aaa1d33da4016643788

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:57 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: F8K0S1KDHXVX8BDX
x-amz-server-side-encryption: AES256
cf-ray: 6b2be6474b49e212-ORD
x-amz-id-2: QnZp+i30CLJAzXlH3mWGOk+bvUHR0v27O0MEMX3No7XB6j0lPjOFyLehi2xeU6TKo8tydzrU6Sc=
last-modified: Mon, 19 Jul 2021 16:19:45 GMT
server: cloudflare
etag: W/"3851dfcadf3b6722e1cdf0a981112ef6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Tue, 23 Nov 2021 16:55:57 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 97ms
40ms Script
application/javascript 2606:4700::6811:70b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8180247.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:70b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25b1d2160b45aea2146ecc1bab02b0a9c91ead6bfda206ea3030856b5574e3ef

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:57 GMT
via: 1.1 d591fee4e3f29cf0e3380368d25b4a40.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 86
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.250/bundles/pixels-release.js&cfRay=6b2be4296c7d2943-ORD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Mon, 18 Oct 2021 04:25:02 UTC
server: cloudflare
etag: W/"1049cc79208c48c2b74d882feb7c1d24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: _QwZEc8LwpjSofaTElUANiRxwmtEEESE
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6b2be6475fd628ef-ORD
x-amz-cf-id: azyf52Xh6p9l5y_3uFbqlNqSbvBtdKrNf5WUTAKxYKK8A3A5D_nFOQ==
x-hs-target-asset: adsscriptloaderstatic/static-1.250/bundles/pixels-release.js

GET
H2 200 8180247.js Show response
js.hs-banner.com/ 60 KB
16 KB 203ms
153ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/8180247.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8180247.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5a55668d9c32851d67e493d14581a22dcc79326a7b6af3625b45de8e3f1da6b

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:57 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: XGRE28VFDH80Q7VX
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: 9PBdK+LXTe/3L/jpiY5V40I9W27qy0jDFXoF5w6Cv8XIeF1TMZ2FXEqU20temjMHbA1QggyLrfI=
timing-allow-origin: *
last-modified: Fri, 03 Sep 2021 21:28:32 GMT
server: cloudflare
etag: W/"e6a79f10c93bed6c2167b980c426361b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: q4ggKN9Kq.9dV_zagWaLdh7CkLBPQkn5
access-control-allow-origin: https://share.hsforms.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 6b2be6474835636c-ORD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Tue, 23 Nov 2021 16:55:57 GMT

GET
H2 200 cropped-Logo.png
weshield.us/wp-content/uploads/2020/11/ 31 KB
31 KB 46ms
45ms Image
image/png 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weshield.us/wp-content/uploads/2020/11/cropped-Logo.png
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: b26b2ecaf4b06c00b0e065c20918783b33e003309fd0fdf10c8876ee2edd5f67

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:57 GMT
last-modified: Mon, 30 Nov 2020 15:54:30 GMT
server: nginx
etag: "5fc515b6-7cf7"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 31991

GET
H2 200 h7.png
weshield.us/wp-content/uploads/2020/07/ 37 KB
37 KB 66ms
65ms Image
image/png 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weshield.us/wp-content/uploads/2020/07/h7.png
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: d3da1b047cdd9633efb12c06b5fee9cd65580f667167c2a9e17c45df60b1cef1

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:57 GMT
last-modified: Tue, 07 Jul 2020 11:09:32 GMT
server: nginx
etag: "5f0457ec-9390"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 37776

GET
H2 200 h5.png
weshield.us/wp-content/uploads/2020/07/ 8 KB
8 KB 67ms
66ms Image
image/png 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weshield.us/wp-content/uploads/2020/07/h5.png
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: 83343010d7e09baf490a9c546fcd7c0887db327d83748232e38df824a45a1fc8

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:57 GMT
last-modified: Mon, 06 Jul 2020 17:12:43 GMT
server: nginx
etag: "5f035b8b-200f"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 8207

GET
H2 200 h1.png
weshield.us/wp-content/uploads/2020/07/ 13 KB
14 KB 68ms
66ms Image
image/png 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weshield.us/wp-content/uploads/2020/07/h1.png
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: 0462db40ca86267ce028b18ca9e0d19e6f0f0aa9cb1a09c94f5c42f3e68446d3

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:57 GMT
last-modified: Mon, 06 Jul 2020 17:12:19 GMT
server: nginx
etag: "5f035b73-359b"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 13723

GET
H2 200 h4.png
weshield.us/wp-content/uploads/2020/07/ 17 KB
17 KB 68ms
67ms Image
image/png 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weshield.us/wp-content/uploads/2020/07/h4.png
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: 7a747f5d631f4592f200c7f0767adf33fcbe4940fb666ac1d19114d1478b5766

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:57 GMT
last-modified: Mon, 06 Jul 2020 17:12:42 GMT
server: nginx
etag: "5f035b8a-42b6"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 17078

GET
H2 200 h3.png
weshield.us/wp-content/uploads/2020/07/ 28 KB
28 KB 87ms
86ms Image
image/png 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weshield.us/wp-content/uploads/2020/07/h3.png
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: c685f6fca95f424a91696b69acfd8c273b9c2b20d1dd12489e7d90558b56e222

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:57 GMT
last-modified: Mon, 06 Jul 2020 17:12:36 GMT
server: nginx
etag: "5f035b84-6e49"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 28233

GET
H2 200 h2.png
weshield.us/wp-content/uploads/2020/07/ 3 KB
3 KB 88ms
87ms Image
image/png 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weshield.us/wp-content/uploads/2020/07/h2.png
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: 8b240c7069a4193480d9e398dd572730a4ddebe3428d5f68276e32eb85ad3692

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:57 GMT
last-modified: Mon, 06 Jul 2020 17:12:29 GMT
server: nginx
etag: "5f035b7d-c53"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 3155

GET
H2 200 h10.png
weshield.us/wp-content/uploads/2020/07/ 65 KB
65 KB 88ms
87ms Image
image/png 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weshield.us/wp-content/uploads/2020/07/h10.png
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: 45aef4e03ff5e4b77acf7773c9286a05416fe9b7e7745a3ba6b8a0e468879d09

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:57 GMT
last-modified: Tue, 07 Jul 2020 10:53:20 GMT
server: nginx
etag: "5f045420-1033b"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 66363

GET
H2 200 ABT-86822-BnxNW-COVID-19-Group-QR-05cTD-960x430-1.jpg
weshield.us/wp-content/uploads/2021/09/ 120 KB
120 KB 109ms
109ms Image
image/jpeg 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weshield.us/wp-content/uploads/2021/09/ABT-86822-BnxNW-COVID-19-Group-QR-05cTD-960x430-1.jpg
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: 3b9a53c3c93339fadb591266b2ead5099a7c8d46644836f628df7e83c79f2e9b

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:57 GMT
last-modified: Tue, 14 Sep 2021 17:00:23 GMT
server: nginx
etag: "6140d527-1ded9"
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 122585

GET
H2

200

/
p.adsymptotic.com/d/px/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3060457&time=1637686257899&url=https%3A%2F%2Fweshield.us%2F%3Futm_medium%3Demail%26_hsmi%3D186353448%26_hsenc%3Dp2ANqtz-9mjrO9L88lan5DnEGodJzTTRoC...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3060457&time=1637686257899&url=https%3A%2F%2Fweshield.us%2F%3Futm_medium%3Demail%26_hsmi%3D186353448%26_hsenc%3Dp2ANqtz-9mjrO9L88lan5DnEGodJzTTRoC...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3060457%26time%3D1637686257899%26url%3Dhttps%253A%252F%252Fweshield.us%252F%253Fu...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3060457&time=1637686257899&url=https%3A%2F%2Fweshield.us%2F%3Futm_medium%3Demail%26_hsmi%3D186353448%26_hsenc%3Dp2ANqtz-9mjrO9L88lan5DnEGodJzTTRoC...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3060457&time=1637686257899&url=https%3A%2F%2Fweshield.us%2F%3Futm_medium%3Demail%26_hsmi%3D186353448%26_hsenc%3Dp2ANqtz-9mjrO9L88lan5DnEGodJzTTRo...
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=133eace5-a241-42b5-8d51-5b581b313a9f
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=133eace5-a241-42b5-8d51-5b581b313a9f&_expected_cookie=3cda6bfd4409f5cc0c88bf3e...

43 B
142 B

77ms
76ms

Image
image/gif

104.18.99.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=133eace5-a241-42b5-8d51-5b581b313a9f&_expected_cookie=3cda6bfd4409f5cc0c88bf3ec4f7b3ae
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: H2
Server: 104.18.99.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b2be64d18c82bef-ORD
p3p: CP='NON DSP COR CONi OUR BUS CNT'
content-type: image/gif
content-length: 43

Redirect headers

location: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=133eace5-a241-42b5-8d51-5b581b313a9f&_expected_cookie=3cda6bfd4409f5cc0c88bf3ec4f7b3ae
date: Tue, 23 Nov 2021 16:50:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6b2be64ca83f2bef-ORD
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/QMNMPUQDDBBSXKRLZCC4BD/index.js
https://s.adroll.com/j/exp/index.js

28 B
762 B

43ms
43ms

Script
application/javascript

2600:9000:21da:d200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: HTTP/1.1
Server: 2600:9000:21da:d200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-Amz-Version-Id: VxC0v7SN4NsT_sJxZYoy27yA4ALlRfhC
Via: 1.1 a74c33aabb438b6226856fa442878fa2.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
Age: 30448
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Mon, 18 Oct 2021 21:07:54 GMT
Server: AmazonS3
Date: Tue, 23 Nov 2021 08:23:46 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: EWR53-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: cu7aog5TczAjOU-yEAOSw1g78bwTO0mubLsBDsQaInrfrF4qXyB4FA==

Redirect headers

Date: Tue, 23 Nov 2021 15:41:52 GMT
Via: 1.1 a74c33aabb438b6226856fa442878fa2.cloudfront.net (CloudFront)
Age: 4145
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: EWR53-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: pT7ZojjTRMUE6JPk-cbgX-lePmzLTJ2CYNjH9h99kYSTKTvsbS5--Q==

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
21 KB 44ms
44ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.48

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 20661
x-xss-protection: 0
pragma: public
x-fb-debug: mTGnyp5pjVqoj+cKDnWtM8d32bwjMHEsh6HBd78vHYmb/WLdBF6Ta8FfgWAzap8zqq4/WuJgvo8DTkSM2GiRKg==
x-fb-trip-id: 1512268381
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 23 Nov 2021 16:50:57 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1136347163494612 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 90ms
89ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1136347163494612?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d24951b666a04fb621d72c5932d3fcab552a76528acabe1baf9f14eaa0d39fb1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: d/yNhPjvIxlFJvyuZcQPh3rHvtesmrbS3dcVpNypHdFqOxuvwNGvRKsMNDaW+Rd8e7bGIMvNdahttrfbg3T2CQ==
x-fb-trip-id: 1512268381
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 23 Nov 2021 16:50:57 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
687 B 189ms
100ms XHR
application/json 68.67.179.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.122 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

572.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 16:50:58 GMT
X-Proxy-Origin: 172.107.198.93; 172.107.198.93; 572.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 039c7547-6a29-440e-b91f-74d6ffaf79c5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://weshield.us
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK / Show response
c.6sc.co/ 47 B
367 B 138ms
41ms XHR
text/plain 23.217.47.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.47.10 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-47-10.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24f92d74ad96fd65f52f59e589e53b2621c25aa4310c03b5e1f876ce2e82500b

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 16:50:58 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://weshield.us
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 47

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 149ms
52ms Script
text/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3C3B6G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4682
date: Tue, 23 Nov 2021 15:32:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 23 Nov 2021 17:32:56 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 47 KB
16 KB 51ms
50ms Script
text/javascript 2600:9000:21da:d200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3C3B6G
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:d200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 206743f5a27b61f302352bf4452f78f13aa34bee7589b306e24677dc3a3e875e

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-Amz-Version-Id: ehOkSJ.OYcbGtirOxrQzIxqoPEiLDyhY
Content-Encoding: gzip
Etag: W/"6d3e5545a63a8b2ad24684d3213523eb"
Age: 316
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 a74c33aabb438b6226856fa442878fa2.cloudfront.net (CloudFront)
Last-Modified: Wed, 10 Nov 2021 22:19:15 GMT
Server: AmazonS3
Date: Tue, 23 Nov 2021 16:45:42 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: EWR53-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 0p2fMl7v4tnpygdEc77yR6ew2iD3usFyC63pzhZc2QWliOa50kyOog==

GET
H2 204 12c26463-0c04-4e61-8ff5-b8222d2d729b
dmx.districtm.io/s/10029/ 0
208 B 140ms
83ms Image
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmx.districtm.io/s/10029/12c26463-0c04-4e61-8ff5-b8222d2d729b

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6b2be648984f2a12-ORD
date: Tue, 23 Nov 2021 16:50:58 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

GET
H2

200

indexch
pxl.iqm.com/i/ck/
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=178&external_user_id=12c26463-0c04-4e61-8ff5-b8222d2d729b&cb=https://pxl.iqm.com/i/ck/indexch?cmid=
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fpxl.iqm.com%2Fi%2Fck%2Findexch%3Fcmid%3D&cm_dsp_id=178&external_user_id=12c26463-0c04-4e61-8ff5-b8222d2d729b&C=1
https://pxl.iqm.com/i/ck/indexch?cmid=YZ0b8vcSmKcma7DZKhhl5QAA

45 B
377 B

49ms
49ms

Image
image/gif

2600:1f18:765:4800:7681:18d0:4c60:ba77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pxl.iqm.com/i/ck/indexch?cmid=YZ0b8vcSmKcma7DZKhhl5QAA
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: H2
Server: 2600:1f18:765:4800:7681:18d0:4c60:ba77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 23 Nov 2021 16:50:58 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 16:50:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://pxl.iqm.com/i/ck/indexch?cmid=YZ0b8vcSmKcma7DZKhhl5QAA
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 246
Expires: Tue, 23 Nov 2021 16:50:58 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/
Redirect Chain

https://idsync.rlcdn.com/709732.gif?partner_uid=12c26463-0c04-4e61-8ff5-b8222d2d729b
https://idsync.rlcdn.com/1000.gif?memo=COSoKxIwCiwIARClyAkaJDEyYzI2NDYzLTBjMDQtNGU2MS04ZmY1LWI4MjIyZDJkNzI5YhAAGg0I8rf0jAYSBQjoBxAAQgBKAA
https://pippio.com/api/sync?pid=5324&it=1&iv=c1731521742c4a86ce016b306ee948ad4a3d5a4c35b982666ae5963f9acad79e791426b5417dce21&_=2
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBjMTczMTUyMTc0MmM0YTg2Y2UwMTZiMzA2ZWU5NDhhZDRhM2Q1YTRjMzViOTgyNjY2YWU1OTYzZjlhY2FkNzllNzkxNDI2YjU...
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBjMTczMTUyMTc0MmM0YTg2Y2UwMTZiMzA2ZWU5NDhhZDRhM2Q1YTRjMzViOTgyNjY2YWU1OTYzZjlhY2FkNzllNzkxNDI2YjU0MTdkY2UyMRAAGgwI8rf0jAYSBAgCEABCAEoA&goog...
https://usermatch.krxd.net/um/v2?partner=liveramp_identity
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp_identity

0
338 B

140ms
45ms

Image
text/plain

54.156.89.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp_identity
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: H2
Server: 54.156.89.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-89-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:58 GMT
cache-control: private, no-cache, no-store
x-request-time: D=23 t=1637686258
x-served-by: beacon-n019-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp_identity
date: Tue, 23 Nov 2021 16:50:58 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a014-ash-prod.krxd.net

GET
H2

200

adx
pxl.iqm.com/i/ck/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=iqm&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=iqm&google_cm=&google_tc=
https://pxl.iqm.com/i/ck/adx?google_gid=CAESECXG9KL6gC8TuUxSfvhtnkY&google_cver=1

45 B
375 B

51ms
50ms

Image
image/gif

2600:1f18:765:4800:7681:18d0:4c60:ba77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pxl.iqm.com/i/ck/adx?google_gid=CAESECXG9KL6gC8TuUxSfvhtnkY&google_cver=1
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: H2
Server: 2600:1f18:765:4800:7681:18d0:4c60:ba77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 23 Nov 2021 16:50:58 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 16:50:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pxl.iqm.com/i/ck/adx?google_gid=CAESECXG9KL6gC8TuUxSfvhtnkY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 282
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pubmatic
pxl.iqm.com/i/ck/
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzM4MiZ0bD0xMjk2MDA%3D%26piggybackCookie%3D12c2...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzM4MiZ0bD0xMjk2MDA%3D%26piggybackCookie%3D12c2...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzM4MiZ0bD0xMjk2MDA=&piggybackCookie=12c26463-0c04-4e61-8ff5-b8222d2d729b&r=https://pxl.iqm.com/i/ck/pubmatic?puid=${PUBM...
https://pxl.iqm.com/i/ck/pubmatic?puid=E646101E-1B21-4DA2-90F2-09136B67D553

45 B
378 B

46ms
46ms

Image
image/gif

2600:1f18:765:4800:7681:18d0:4c60:ba77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pxl.iqm.com/i/ck/pubmatic?puid=E646101E-1B21-4DA2-90F2-09136B67D553
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: H2
Server: 2600:1f18:765:4800:7681:18d0:4c60:ba77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 23 Nov 2021 16:50:58 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif

Redirect headers

location: https://pxl.iqm.com/i/ck/pubmatic?puid=E646101E-1B21-4DA2-90F2-09136B67D553
date: Tue, 23 Nov 2021 16:50:58 GMT
cache-control: no-store, no-cache, private
x-lat: njrpug012:0:534
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

telaria
pxl.iqm.com/i/ck/
Redirect Chain

https://partners.tremorhub.com/sync?UIIQ=12c26463-0c04-4e61-8ff5-b8222d2d729b
https://pxl.iqm.com/i/ck/telaria?cid=32e7dcec4b2a4cd9b569ac125a99d12f&UIIQ=12c26463-0c04-4e61-8ff5-b8222d2d729b

45 B
377 B

47ms
46ms

Image
image/gif

2600:1f18:765:4800:7681:18d0:4c60:ba77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pxl.iqm.com/i/ck/telaria?cid=32e7dcec4b2a4cd9b569ac125a99d12f&UIIQ=12c26463-0c04-4e61-8ff5-b8222d2d729b
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: H2
Server: 2600:1f18:765:4800:7681:18d0:4c60:ba77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 23 Nov 2021 16:50:58 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif

Redirect headers

location: https://pxl.iqm.com/i/ck/telaria?cid=32e7dcec4b2a4cd9b569ac125a99d12f&UIIQ=12c26463-0c04-4e61-8ff5-b8222d2d729b
date: Tue, 23 Nov 2021 16:50:58 GMT
server: Apache-Coyote/1.1
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H2

200

onevideo
pxl.iqm.com/i/ck/
Redirect Chain

https://pixel.advertising.com/ups/58163/sync?uid=12c26463-0c04-4e61-8ff5-b8222d2d729b&gdpr=&gdpr_consent=&_origin=1&redir=true
https://pixel.advertising.com/ups/58163/sync?uid=12c26463-0c04-4e61-8ff5-b8222d2d729b&gdpr=&gdpr_consent=&_origin=1&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58163/sync?uid=12c26463-0c04-4e61-8ff5-b8222d2d729b&gdpr=&gdpr_consent=&_origin=1&redir=true&apid=UP88310716-4c7d-11ec-90e3-0e5762b885b3
https://ups.analytics.yahoo.com/ups/58163/sync?uid=12c26463-0c04-4e61-8ff5-b8222d2d729b&gdpr=&gdpr_consent=&_origin=1&redir=true&apid=UP88310716-4c7d-11ec-90e3-0e5762b885b3&verify=true
https://pxl.iqm.com/i/ck/onevideo?uid=UP88310716-4c7d-11ec-90e3-0e5762b885b3

45 B
378 B

47ms
46ms

Image
image/gif

2600:1f18:765:4800:7681:18d0:4c60:ba77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pxl.iqm.com/i/ck/onevideo?uid=UP88310716-4c7d-11ec-90e3-0e5762b885b3
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: H2
Server: 2600:1f18:765:4800:7681:18d0:4c60:ba77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 23 Nov 2021 16:50:58 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif

Redirect headers

location: https://pxl.iqm.com/i/ck/onevideo?uid=UP88310716-4c7d-11ec-90e3-0e5762b885b3
date: Tue, 23 Nov 2021 16:50:58 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8113&uid=12c26463-0c04-4e61-8ff5-b8222d2d729b
https://sync.search.spotxchange.com/partner?adv_id=8113&uid=12c26463-0c04-4e61-8ff5-b8222d2d729b&__user_check__=1&sync_id=884333b1-4c7d-11ec-8489-1b1a35d30103

43 B
549 B

50ms
46ms

Image
image/gif

192.35.249.127
SPOTX-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=8113&uid=12c26463-0c04-4e61-8ff5-b8222d2d729b&__user_check__=1&sync_id=884333b1-4c7d-11ec-8489-1b1a35d30103
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: HTTP/1.1
Server: 192.35.249.127 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 16:50:58 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 258
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Tue, 23 Nov 2021 16:50:58 GMT
Server: nginx
Location: /partner?adv_id=8113&uid=12c26463-0c04-4e61-8ff5-b8222d2d729b&__user_check__=1&sync_id=884333b1-4c7d-11ec-8489-1b1a35d30103
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 208
Connection: keep-alive
Content-Length: 0

GET
H2 200 /
bpi.rtactivate.com/tag/ 43 B
109 B 209ms
97ms Image
image/gif 184.73.169.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=21328&user_id=12c26463-0c04-4e61-8ff5-b8222d2d729b
Requested by: Host: weshield.us
URL: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.73.169.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-169-224.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:58 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 7BF1 39 KB
20 KB 120ms
70ms Document
text/html 2607:f8b0:4006:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjN6MZAAAAAHhSWxPa_NR800c-MW6tyACV9qjd&co=aHR0cHM6Ly93ZXNoaWVsZC51czo0NDM.&hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=swaejw2mj0e1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

842e686cc76efe1f68606dcaf02090aa9e704247f98d5545d7a76f44b86b6c52

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wt5Up7GawksykSCzrqIFsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 23 Nov 2021 16:50:58 GMT
content-security-policy: script-src 'report-sample' 'nonce-wt5Up7GawksykSCzrqIFsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20215
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
35 KB 125ms
72ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10684570&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-169184952-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

95a41b3db790dfbff24cf6ddd8caafc4a1e5a1c59c7cf19c16b8c62d34cc3ef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35981
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 Nov 2021 16:50:58 GMT

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
1 KB 147ms
87ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=8180247&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a36abfd5c09b1db4b862cd8d5f3a3f293218476f6144c94c28b927a78aec8e81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://weshield.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: b8fa727c-9e24-4cc8-975f-a16d55c81675
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1bqtvcIudG4e0tjq9%2FEOcKwC2R9uMbJ1jTk%2BE17gi4qKEkXlI6DczM1UERmdUlmo0WrxugDdzugpFFLlJkvcFuTgLsl4xbD95jA0DRiePa4vrozGHAZluOwlIKEBJtsr3BOLby6ZFql%2FArciVPd"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://weshield.us
x-robots-tag: none
access-control-allow-credentials: false
cf-ray: 6b2be6495f2a2ade-ORD
access-control-allow-headers: *

GET
H2 200 QMNMPUQDDBBSXKRLZCC4BD Show response
d.adroll.com/consent/check/ 396 B
865 B 145ms
48ms Script
application/javascript 35.174.191.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/QMNMPUQDDBBSXKRLZCC4BD?arrfrr=https%3A%2F%2Fweshield.us%2F%3Futm_medium%3Demail%26_hsmi%3D186353448%26_hsenc%3Dp2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw%26utm_content%3D186353448%26utm_source%3Dhs_automation&_s=45007cf6b1770480af155845905c4f4d&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/QMNMPUQDDBBSXKRLZCC4BD/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.191.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-191-125.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 24cb540cb4cc8d1a9d9658ed10d7650afe1d092042041efb1767510771d745d1

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 16:50:58 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-type: application/javascript
content-length: 396
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 127ms
40ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1136347163494612&ev=PageView&dl=https%3A%2F%2Fweshield.us%2F%3Futm_medium%3Demail%26_hsmi%3D186353448%26_hsenc%3Dp2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw%26utm_content%3D186353448%26utm_source%3Dhs_automation&rl=&if=false&ts=1637686258097&sw=1600&sh=1200&v=2.9.48&r=stable&a=wordpress-5.7.4-3.0.5&ec=0&o=30&fbp=fb.1.1637686258096.1186652848&it=1637686257909&coo=false&exp=p0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 23 Nov 2021 16:50:58 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 161ms
67ms Image
image/gif 23.217.47.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=66a0a0da9c6dc1786ff2a181917e1fe4&svisitor=44c8d9172c750000f11b9d61d002000059010000&session=a0bf2848-508e-48a1-8f30-740499b0cc71&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Tue%2C%2023%20Nov%202021%2016%3A50%3A57%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22We%20Shield%20provides%20Personal%20Protective%20Equipment%20(PPE)%20and%20Safety%20Supplies%20to%20organizations%20and%20businesses%20that%20value%20people%20for%20what%20they%20are%2C%20their%20most%20valued%20asset.%20Order%20today.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22PPE%20(Personal%20protective%20equipment)%20%2F%20Kits%20%26amp%3B%20Safety%20Supplies%20-%20We%20Shield%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fweshield.us%2F%3Futm_medium%3Demail%26_hsmi%3D186353448%26_hsenc%3Dp2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw%26utm_content%3D186353448%26utm_source%3Dhs_automation&pageViewId=0e044f24-89a9-492f-85eb-ed681386bbbb&an_uid=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.47.10 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-47-10.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 16:50:58 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Tue, 05 Oct 2021 22:17:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615ccf10-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 101ms
54ms XHR
text/plain 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2087979617&t=pageview&_s=1&dl=https%3A%2F%2Fweshield.us%2F%3Futm_medium%3Demail%26_hsmi%3D186353448%26_hsenc%3Dp2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw%26utm_content%3D186353448%26utm_source%3Dhs_automation&ul=en-us&de=UTF-8&dt=PPE%20(Personal%20protective%20equipment)%20%2F%20Kits%20%26%20Safety%20Supplies%20-%20We%20Shield&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1635824963&gjid=251036710&cid=2139748818.1637686258&tid=UA-169184952-1&_gid=854914554.1637686258&_r=1&gtm=2wgba1K3C3B6G&z=1508751663

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://weshield.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 16:50:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://weshield.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 83ms
40ms Image
image/gif 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2087979617&t=pageview&_s=1&dl=https%3A%2F%2Fweshield.us%2F%3Futm_medium%3Demail%26_hsmi%3D186353448%26_hsenc%3Dp2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw%26utm_content%3D186353448%26utm_source%3Dhs_automation&ul=en-us&de=UTF-8&dt=PPE%20(Personal%20protective%20equipment)%20%2F%20Kits%20%26%20Safety%20Supplies%20-%20We%20Shield&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=2139748818.1637686258&tid=UA-169184952-1&_gid=854914554.1637686258&gtm=2wgba1K3C3B6G&z=1676695705

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 20:48:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 72172
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 7BF1 51 KB
24 KB 88ms
41ms Stylesheet
text/css 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjN6MZAAAAAHhSWxPa_NR800c-MW6tyACV9qjd&co=aHR0cHM6Ly93ZXNoaWVsZC51czo0NDM.&hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=swaejw2mj0e1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:15:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24065
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 23 Nov 2022 02:15:53 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 7BF1 343 KB
134 KB 86ms
40ms Script
text/javascript 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7511f403bc5d8cdd240bbdb02c5848775e0f89f6dd952e70675d22fd434e1b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137335
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 23 Nov 2022 02:15:58 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 54ms
54ms XHR
text/plain 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2087979617&t=pageview&_s=1&dl=https%3A%2F%2Fweshield.us%2F%3Futm_medium%3Demail%26_hsmi%3D186353448%26_hsenc%3Dp2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw%26utm_content%3D186353448%26utm_source%3Dhs_automation&ul=en-us&de=UTF-8&dt=PPE%20(Personal%20protective%20equipment)%20%2F%20Kits%20%26%20Safety%20Supplies%20-%20We%20Shield&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=852736236&gjid=196049026&cid=2139748818.1637686258&tid=UA-169184952-1&_gid=854914554.1637686258&_r=1&gtm=2ouba1&z=1232385745

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://weshield.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 16:50:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://weshield.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
520 B 137ms
84ms Image
image/gif 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 42e14b03-3bc5-420c-9817-d06cd30a5bdd
x-trace: 2BC5B7B9C4317A470522AF158BA0B7E74BD4DEF607000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6b2be64a8e5762c3-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35
x-robots-tag: none

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
436 B 163ms
63ms XHR
text/plain 2607:f8b0:4023:1404::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-169184952-1&cid=2139748818.1637686258&jid=1635824963&gjid=251036710&_gid=854914554.1637686258&_u=YEBAAEAAAAAAAC~&z=968132525

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::9d Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://weshield.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 23 Nov 2021 16:50:58 GMT
content-type: text/plain
access-control-allow-origin: https://weshield.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ctx.v1.1.min.js Show response
s.dca0.com/ 6 KB
2 KB 137ms
40ms Script
application/javascript 54.230.162.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dca0.com/ctx.v1.1.min.js?1635953272
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/QMNMPUQDDBBSXKRLZCC4BD/roundtrip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.162.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-162-67.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 14a3a7e077c77e3180a74584291e139dd0301b610fe5ec6888fdba19e7e8781c

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:26 GMT
content-encoding: gzip
last-modified: Wed, 20 Oct 2021 16:48:23 GMT
server: AmazonS3
age: 32
etag: W/"1ef4dd0ba87baa7e952ed9b8e839b84e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e3fb879a67c14c7a96059b2b777ccbc8.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
x-amz-cf-id: ojFM_6ibIkBLc5REozYTOZc0ogv63o4opv_tQTBG_LBuwnFTN6BhVw==

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 11 KB
3 KB 46ms
45ms Script
text/javascript 2600:9000:21da:d200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/QMNMPUQDDBBSXKRLZCC4BD/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:d200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 134568be83d33ab28a55e78e8e8ac638ac6a57ff1bfc62bb5bc4e93fee39e20f

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-Amz-Version-Id: weQ8v0Ad4Ak5x6kARvR5SpzUQVmVYt6M
Content-Encoding: gzip
Etag: W/"c317a5be7d65fa0c4d68d9735af020e4"
Age: 841
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 a74c33aabb438b6226856fa442878fa2.cloudfront.net (CloudFront)
Last-Modified: Thu, 18 Nov 2021 18:23:00 GMT
Server: AmazonS3
Date: Tue, 23 Nov 2021 16:36:57 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: EWR53-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 3N2e26BLUmO1x4LoyZSrEQ3jixNQbyqeFKzftUDXs4rpkfiu58vjIQ==

GET
H2 200 7TC6CKEMDVALVLH4DEAOGO Show response
d.adroll.com/segment/QMNMPUQDDBBSXKRLZCC4BD/ 42 B
903 B 49ms
48ms XHR
image/gif 35.174.191.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/segment/QMNMPUQDDBBSXKRLZCC4BD/7TC6CKEMDVALVLH4DEAOGO?adroll_fpc=73c6aeb4788c5e2ef030321701dff54f-1637686258269&arrfrr=https%3A%2F%2Fweshield.us%2F%3Futm_medium%3Demail%26_hsmi%3D186353448%26_hsenc%3Dp2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw%26utm_content%3D186353448%26utm_source%3Dhs_automation&xid_ch=f&pv=77984951510.46645&cookie=&adroll_s_ref=&keyw=&adroll_external_data=&adroll_version=2.0
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/QMNMPUQDDBBSXKRLZCC4BD/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.191.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-191-125.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-pixel-eid: 7TC6CKEMDVALVLH4DEAOGO
date: Tue, 23 Nov 2021 16:50:58 GMT
x-advertisable-eid: QMNMPUQDDBBSXKRLZCC4BD
x-segment-display-name: Visitors to Unsegmented Pages
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length: 42
pragma: no-cache
x-conversion-value: 0.0
server: nginx/1.20.0
x-rule: *
x-segment-eid: YT2TK2Y7FVEA7AEPWNFCEQ
content-type: image/gif
access-control-allow-origin: https://weshield.us
access-control-expose-headers: X-Conversion-Value, X-Conversion-Currency, X-Advertisable-Eid, X-Segment-Eid, X-Pixel-Eid
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-request-methods: GET
x-segment-name: *
access-control-allow-headers: *
x-conversion-currency

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 98ms
64ms XHR
text/plain 2607:f8b0:4023:1404::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-169184952-1&cid=2139748818.1637686258&jid=852736236&gjid=196049026&_gid=854914554.1637686258&_u=aEDAAUABAAAAAC~&z=1744525500

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::9d Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://weshield.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 23 Nov 2021 16:50:58 GMT
content-type: text/plain
access-control-allow-origin: https://weshield.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7BF1 2 KB
2 KB 41ms
40ms Image
image/png 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 13:59:43 GMT
x-content-type-options: nosniff
age: 269475
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Sat, 27 Nov 2021 13:59:43 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7BF1 15 KB
15 KB 93ms
43ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 11:41:34 GMT
x-content-type-options: nosniff
age: 18564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 11:41:34 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7BF1 15 KB
15 KB 95ms
45ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 13:41:36 GMT
x-content-type-options: nosniff
age: 270562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 20 Nov 2022 13:41:36 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 7BF1 102 B
134 B 60ms
59ms Other
text/javascript 2607:f8b0:4006:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4e836cc5611e71fad7ca8b19324773a34afbad72550c012e50b83698262d6c50

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjN6MZAAAAAHhSWxPa_NR800c-MW6tyACV9qjd&co=aHR0cHM6Ly93ZXNoaWVsZC51czo0NDM.&hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=swaejw2mj0e1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 23 Nov 2021 16:50:58 GMT

GET
H3 200 579817992146685 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 90ms
90ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/579817992146685?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

055021ee341376454437728c62b8fd299ac68158cabf310abf950a9579a57e7b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: IM7rIT3leRRXPWbTPRslyCodQZuOxQN/enaosyo78D49jBx96hNzRZEBwlnnce0BcaxKYwoQxDjgnzarxOUEaA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 23 Nov 2021 16:50:58 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cluster-id Show response
f71395d2-f622-a58c-8c2a-30789f99f945.z1.dca0.com/api/ 14 B
114 B 486ms
95ms XHR
text/plain 34.215.209.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://f71395d2-f622-a58c-8c2a-30789f99f945.z1.dca0.com/api/cluster-id?uid=f04432b5-33e9-5341-df65-38c9e477f15c
Requested by: Host: s.dca0.com
URL: https://s.dca0.com/ctx.v1.1.min.js?1635953272
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.215.209.196 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-215-209-196.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a361e2f0794860cfda89ba85b227c6d01d393078a06b7cd8718e3be53a482cc9

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 23 Nov 2021 16:50:58 GMT
content-length: 14
content-type: text/plain; charset=utf-8

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 7BF1 29 KB
16 KB 124ms
123ms XHR
application/json 2607:f8b0:4006:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdjN6MZAAAAAHhSWxPa_NR800c-MW6tyACV9qjd

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ab72a7e9f401bc1359aec69c0dee286cd7653de908cd2df6287cff1279cf93a1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjN6MZAAAAAHhSWxPa_NR800c-MW6tyACV9qjd&co=aHR0cHM6Ly93ZXNoaWVsZC51czo0NDM.&hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=swaejw2mj0e1
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 23 Nov 2021 16:50:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16418
x-xss-protection: 1; mode=block
expires: Tue, 23 Nov 2021 16:50:58 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 89ms
44ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=579817992146685&ev=PageView&dl=https%3A%2F%2Fweshield.us%2F%3Futm_medium%3Demail%26_hsmi%3D186353448%26_hsenc%3Dp2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw%26utm_content%3D186353448%26utm_source%3Dhs_automation&rl=&if=false&ts=1637686258619&cd[segment_eid]=YT2TK2Y7FVEA7AEPWNFCEQ&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=29&fbp=fb.1.1637686258096.1186652848&it=1637686257909&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=p0&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 23 Nov 2021 16:50:58 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 1AF5 0
18 B 81ms
43ms Document
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://weshield.us
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/

Response headers

content-type: text/plain
access-control-allow-origin: https://weshield.us
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Tue, 23 Nov 2021 16:50:58 GMT

GET
H2 200 core Show response
js.driftt.com/ Frame F874 2 KB
1 KB 76ms
76ms Document
text/html 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=c5ehczpmgp3r&region=US&forceShow=false&skipCampaigns=false&sessionId=944c4ab3-cedc-410a-8a8f-af6e70abe255&sessionStarted=1637686258.8&campaignRefreshToken=81e696ed-7b1d-4d4b-8f85-d0bab77ca7c3&hideController=false&pageLoadStartTime=1637686257393&mode=CHAT&driftEnableLog=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1637686500000/c5ehczpmgp3r.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

7e3bbce85c6a2804610806ac933293d2cdbff6c7d28a470af339b8c86d22ece9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Mon, 22 Nov 2021 20:20:34 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: Usmn4vQEOhuMDh8alPn7fxqyZ7MlNOry
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Tue, 23 Nov 2021 16:50:58 GMT
cache-control: no-cache
etag: W/"15fe000f7b996aca7a7c39f834e85b43"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
x-amz-cf-id: 0l5UnRcTBmltnx8acE4SPgMLiykw7sFP0jiSE9TPPlsDDZuKftKXWw==

GET
H2 200 chat Show response
js.driftt.com/core/ Frame E1D6 2 KB
1 KB 62ms
61ms Document
text/html 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1637686500000/c5ehczpmgp3r.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

7e3bbce85c6a2804610806ac933293d2cdbff6c7d28a470af339b8c86d22ece9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Mon, 22 Nov 2021 20:20:34 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: Usmn4vQEOhuMDh8alPn7fxqyZ7MlNOry
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Tue, 23 Nov 2021 16:50:58 GMT
cache-control: no-cache
etag: W/"15fe000f7b996aca7a7c39f834e85b43"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
x-amz-cf-id: itO38wIsApG5sLRPYeDbiChMo1PZzZ0S7OZMXjIFEm77JvvHaypCRg==

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 140 B
968 B 129ms
77ms XHR
application/json 2606:4700::6811:cacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=8180247

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cacc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f964dd77a034df5a5c9d037ed3caede321ea9bf92638f6b2418bd6f4a2fa450

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 3b847480-1360-4514-b4f2-cbef41c22b6d
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
x-trace: 2B3C047A6C78E80235F477B6483CF8ED848D0D92E3000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=troYDRirJwiE2ohailL%2B2QQkydX8C3ThKMd7uod3ZdiX0Ur8rvjSpxb9ijEKxqmIqc%2BO150b5DBRm0Qv1TaJbmDX%2BeeracnHKlwx%2BMvQCtmmOnE7sBotajAL0ZHMH8XcNFYjS7RXS%2Fao9vKA"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://weshield.us
access-control-allow-credentials: false
cf-ray: 6b2be64dfea729f1-ORD
access-control-allow-headers: *

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1000 B 127ms
77ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=808429732&v=1.1&a=8180247&rcu=https%3A%2F%2Fweshield.us%2F&pu=https%3A%2F%2Fweshield.us%2F%3Futm_medium%3Demail%26_hsmi%3D186353448%26_hsenc%3Dp2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw%26utm_content%3D186353448%26utm_source%3Dhs_automation&t=PPE+(Personal+protective+equipment)+%2F+Kits+%26+Safety+Supplies+-+We+Shield&cts=1637686258819&vi=788a7f2593cb72e229a1d85e8db41f7d&nc=true&u=154496103.788a7f2593cb72e229a1d85e8db41f7d.1637686258815.1637686258815.1637686258815.1&b=154496103.1.1637686258815&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:58 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: d97f1a26-ba3e-4bd1-9214-24ba7c47f20b
cf-ray: 6b2be64e08522dae-ORD
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgooKAOqXUS7shbv7zfWR%2BFuPaM7510Y%2FZfen0mWa%2Fmd7urIknE3OEn%2FRNR76tyF4Q66F09r3hq381geYqaYsVs4yreK58C18OIY7fq22x7cNjIA4PHfOglz1ENwRy%2BHMD3qhNpFam08oLonlc3B"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 runtime~main.ab9d7b37.js Show response
js.driftt.com/core/assets/js/ Frame E1D6 6 KB
3 KB 41ms
40ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

da6e5eccd6f46dd0b12fda7fa82a07ea7fb3a75467693c1c67c486f15cac91a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393
Origin: https://js.driftt.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:20:33 GMT
content-encoding: gzip
age: 73825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:22 GMT
server: nginx
etag: W/"ba5260995e64ac1175c9f12a86a4e6ab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qySU0RneoIVieaiR7uLP0OJNX8Fw_XBE
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: q4mc94ujaf0j3bm1xZP3Rc6XTDmb2tVSNBb0ozfyU36epv4_p9eQ8g==

GET
H2 200 4.a93e53d9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E1D6 58 KB
58 KB 45ms
45ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.a93e53d9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393
Origin: https://js.driftt.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 20:23:08 GMT
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
age: 8886470
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59055
last-modified: Thu, 12 Aug 2021 19:36:12 GMT
server: nginx
etag: "fce0b3daf28dfa888be2818f43b06ef0"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Q7_jgxG2AYS0ltIB1kk0GRIKriX6aeGV
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xZwqg2e6Xz4vMMqr01c4HDcwlx8F6a9tpwCOWtsLOlDCoqkJ9e0_9A==

GET
H2 200 main~493df0b3.580db5ef.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E1D6 6 KB
3 KB 62ms
61ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.580db5ef.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

52997a640c38c5915b6105ad464bf2bf8121f3fe40c72d70791f54c4be95971a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393
Origin: https://js.driftt.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 17:36:14 GMT
content-encoding: gzip
age: 2762084
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Oct 2021 17:07:00 GMT
server: nginx
etag: W/"9b4aab2d855603fa59a09f8160eb7cb4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SHbjo2Z875cq.BpS9ven0n3hNF1FVxPh
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: C_PzwBomccO11536xan2B9Xz7LPgE3j34I8tmFx9UlrGJLTC_j0xzw==

GET
H2 200 runtime~main.ab9d7b37.js Show response
js.driftt.com/core/assets/js/ Frame F874 6 KB
3 KB 55ms
54ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=c5ehczpmgp3r&region=US&forceShow=false&skipCampaigns=false&sessionId=944c4ab3-cedc-410a-8a8f-af6e70abe255&sessionStarted=1637686258.8&campaignRefreshToken=81e696ed-7b1d-4d4b-8f85-d0bab77ca7c3&hideController=false&pageLoadStartTime=1637686257393&mode=CHAT&driftEnableLog=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

da6e5eccd6f46dd0b12fda7fa82a07ea7fb3a75467693c1c67c486f15cac91a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=c5ehczpmgp3r&region=US&forceShow=false&skipCampaigns=false&sessionId=944c4ab3-cedc-410a-8a8f-af6e70abe255&sessionStarted=1637686258.8&campaignRefreshToken=81e696ed-7b1d-4d4b-8f85-d0bab77ca7c3&hideController=false&pageLoadStartTime=1637686257393&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:20:33 GMT
content-encoding: gzip
age: 73825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:22 GMT
server: nginx
etag: W/"ba5260995e64ac1175c9f12a86a4e6ab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qySU0RneoIVieaiR7uLP0OJNX8Fw_XBE
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5X7k5KtQspR5cO8Ra0THURtkWOzedBhCSItAp2VW5WoRf723O9a0Xg==

GET
H2 200 4.a93e53d9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F874 58 KB
58 KB 59ms
58ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.a93e53d9.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=c5ehczpmgp3r&region=US&forceShow=false&skipCampaigns=false&sessionId=944c4ab3-cedc-410a-8a8f-af6e70abe255&sessionStarted=1637686258.8&campaignRefreshToken=81e696ed-7b1d-4d4b-8f85-d0bab77ca7c3&hideController=false&pageLoadStartTime=1637686257393&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 20:23:08 GMT
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
age: 8886470
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59055
last-modified: Thu, 12 Aug 2021 19:36:12 GMT
server: nginx
etag: "fce0b3daf28dfa888be2818f43b06ef0"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Q7_jgxG2AYS0ltIB1kk0GRIKriX6aeGV
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jNJGyTxbuFB6CgZm-qoYXTc30_6FEX3SudQgJ0vcaoui7hIrrkw-WQ==

GET
H2 200 main~493df0b3.580db5ef.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F874 6 KB
3 KB 70ms
70ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.580db5ef.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

52997a640c38c5915b6105ad464bf2bf8121f3fe40c72d70791f54c4be95971a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=c5ehczpmgp3r&region=US&forceShow=false&skipCampaigns=false&sessionId=944c4ab3-cedc-410a-8a8f-af6e70abe255&sessionStarted=1637686258.8&campaignRefreshToken=81e696ed-7b1d-4d4b-8f85-d0bab77ca7c3&hideController=false&pageLoadStartTime=1637686257393&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 17:36:14 GMT
content-encoding: gzip
age: 2762084
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Oct 2021 17:07:00 GMT
server: nginx
etag: W/"9b4aab2d855603fa59a09f8160eb7cb4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SHbjo2Z875cq.BpS9ven0n3hNF1FVxPh
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: C4PxUt8KGhkN8EcdaG6nsuWXDwu0cSSje7x096kBIFNd8eFajbixFQ==

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 68ms
67ms Image
image/gif 23.217.47.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=66a0a0da9c6dc1786ff2a181917e1fe4&svisitor=44c8d9172c750000f11b9d61d002000059010000&session=a0bf2848-508e-48a1-8f30-740499b0cc71&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2023%20Nov%202021%2016%3A50%3A58%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2023%20Nov%202021%2016%3A50%3A57%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22We%20Shield%20provides%20Personal%20Protective%20Equipment%20(PPE)%20and%20Safety%20Supplies%20to%20organizations%20and%20businesses%20that%20value%20people%20for%20what%20they%20are%2C%20their%20most%20valued%20asset.%20Order%20today.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22PPE%20(Personal%20protective%20equipment)%20%2F%20Kits%20%26amp%3B%20Safety%20Supplies%20-%20We%20Shield%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fweshield.us%2F%3Futm_medium%3Demail%26_hsmi%3D186353448%26_hsenc%3Dp2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw%26utm_content%3D186353448%26utm_source%3Dhs_automation&pageViewId=0e044f24-89a9-492f-85eb-ed681386bbbb&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.47.10 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-47-10.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 16:50:58 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Tue, 05 Oct 2021 22:17:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615ccf10-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 45ms
43ms Script
application/x-javascript 2600:141b:13::17d7:82d0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82d0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency: 303
Date: Tue, 23 Nov 2021 16:50:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
X-EdgeConnect-MidMile-RTT: 1
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=76499
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 42.3b1c2441.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E1D6 47 KB
14 KB 41ms
40ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

7727399fe5d8441829176e6a661b540efaac1680120a1d7fb1235e258d70770b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:05:57 GMT
content-encoding: gzip
age: 4920301
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 27 Sep 2021 17:53:30 GMT
server: nginx
etag: W/"62fe06940598a98760a9eae46800ff59"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .VUhmN0wteSIOoD7zf42Fx9jVTzQPjY_
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nD_Ob7TvrYZ7Zn3hxCyxjPhSl9Ez7UpNlRuPeSnqC76v3NMxRaCSBg==

GET
H2 200 17.cce21c2a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E1D6 44 KB
13 KB 42ms
41ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.cce21c2a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

cda9b31d709444e003d3adbfbdec43f093e405b36841fde5c1d187e439585219

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:05:57 GMT
content-encoding: gzip
age: 4920301
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 27 Sep 2021 17:53:29 GMT
server: nginx
etag: W/"565bf690dc82ce7e1f45c9647d892490"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: jEi2sT.oz2dMTnmIGznKkCTerYS6HNwY
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lYcYExVkNkgzO5cNvGI3yMgwaCYrFfaQkvuPDvhbWOAsS2mjGLpGnw==

GET
H2 200 35.3e4eba7e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E1D6 25 KB
8 KB 43ms
42ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.3e4eba7e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

41f7afd6088c39cdc0d6f910f7f4b6afbf6a2133533847e960a8ca906fabc1c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 7944161
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"b1a0f364c9ad5137b5ab8e5237a825b8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1I09NUqlw54C3qTPS3eShOaQpBS5lcLu
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yEh-gu8GRvsaW19YR5GtajWcN19CbHYN1xBckdhsG6sqqWo79uQ18A==

GET
H2 200 15.8065fdbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E1D6 16 KB
5 KB 43ms
42ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.8065fdbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 9407921
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"db60664de2c8d54d23e359c94e68f6ce"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3Lit_GR0K_e3yyTyyAPf_WyqhFyqI1X7
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: k7hI03Hs_H0SnIAhPh4YFLOjTSVEWGUZXP1T8TFYfh73tPcg_zZGyA==

GET
H2 200 19.5937a5b2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E1D6 72 KB
22 KB 45ms
44ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.5937a5b2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

2b4d9e531f3302ad49380ce5e5e160925956edb55179c63ee2bac32ab040d1a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:52:34 GMT
content-encoding: gzip
age: 4067904
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 07 Oct 2021 14:03:09 GMT
server: nginx
etag: W/"08aceb94bd26b0e431ca437d628e3c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PpKcHacqpQIWv5LlWxshj7GW7ctXBTRY
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: w41a-Fwtn7t4KIJj1NgQXL1Eo4EFS_1Pj_J7IIptM9Zgnpqv4kRWZQ==

GET
H2 200 32.04864e7d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E1D6 16 KB
6 KB 46ms
45ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.04864e7d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

af0ad47815cfcb0fc8402cf431dd782af68f2ba05752c66d9bb11a4354f65754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 7944161
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"3b6707d602c1f7d03c4c8b0bdecb8e4e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SPqSo.47y7907Wglh2zWsWSyACYHB_Zc
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QkcazlsIOo1BdgatlY930W5S_sZRf6hNvBYVnw7xtZc7YC-wpKj29A==

GET
H2 200 23.a53d721f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E1D6 59 KB
19 KB 47ms
46ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.a53d721f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:52:34 GMT
content-encoding: gzip
age: 4067904
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 07 Oct 2021 14:03:10 GMT
server: nginx
etag: W/"fe96cb8c4c390342c29d3c8cb0a4ca14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: v0Q3sUg3fAcXKBWqoZodUDobSoc9.NX8
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tWk-DM5fNLfZtO6dFDG7FNSBnb1M7MvtaBZX6a6iZKoWiKH_yeVqpQ==

GET
H2 200 10.704ab67c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E1D6 91 KB
28 KB 48ms
48ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.704ab67c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 02:14:12 GMT
content-encoding: gzip
age: 4199806
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Oct 2021 13:21:52 GMT
server: nginx
etag: W/"50dcb170ca1ae1f4a09fe8f23065f2a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: F4c27N8Q48RzRrjWijYpmql7j.I4UKQs
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Zhh6FuTeV6oH-96Rqm8VcnmvTpruTjSbyUxEPs-WyntGbU4Eae60Cw==

GET
H2 200 9.a48906f3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E1D6 23 KB
7 KB 50ms
48ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.a48906f3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

5059bfed12587f496894f97319682ccb715e7748ae93dd2cafd6310e914f3870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 9407921
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:26 GMT
server: nginx
etag: W/"60e5547ed381473c15e63274bcd796b6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gA_0cz7CJfhJ8aNbtPMgs.3Fr8VDJHGb
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cnnbxM-_7w_XpS90EK1jfLV_ld6g47kv4G8xQCsjXw2qVG10j-iLGw==

GET
H2 200 13.c2156fc2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E1D6 62 KB
20 KB 52ms
49ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.c2156fc2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

f94ce8666bf003756c16b56edad5a0121b3516222d4f093bdb771afabfb2cc5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 21:49:43 GMT
content-encoding: gzip
age: 3697275
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 11 Oct 2021 21:20:00 GMT
server: nginx
etag: W/"b94404e76324bd4454531b2e0a54f7bb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: dduSgTmTEeX.c1xrsh3Cd4WUJFtbN06M
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cH8t2s0t7Dq1szssmDhXhTQ91g6-_u7n7IpGcvhAdD3OQUzGBw5_fA==

GET
H2 200 40.01f4f7b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E1D6 105 KB
34 KB 51ms
48ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.01f4f7b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

71f918c131027703d4692c7e7cc9d46fc09554fc2b211e60f12e8fea8360deb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 7944161
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:08 GMT
server: nginx
etag: W/"7dd9b27f83583b6d43567ed4b21eff8c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9jXV8w0bWzHPQtgsCAjrFrN9PLNAN.Ap
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: e0mk8eljhCwmza7aBmAj8EeVfSLxhcAj5xUahlhqEk_BmbBx6H-gBQ==

GET
H2 200 33.c1910d43.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E1D6 12 KB
4 KB 59ms
57ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.c1910d43.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

c2d8b5ed5baf711d51629607797e32e5ff638637a0091598427eac4908dbae47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 7944161
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"0e451f1cf9656229ccd33dfa3ad0638d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ocjv..MVaCaOGNo5kiC5l3ewWVKjMwbS
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -MSEsWNzy0FwaMq1wvtZfVx7ATWv6Ff0pHwx87DqeGBZieh8cF7Cdg==

GET
H2 200 25.b7a0bf53.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E1D6 12 KB
5 KB 60ms
58ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.b7a0bf53.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

c87e0e31334c6998b90c83d48eff6252a248120d32b376414965e1421203c901

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:52:36 GMT
content-encoding: gzip
age: 4067902
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 07 Oct 2021 14:03:10 GMT
server: nginx
etag: W/"808f7c7829001881a39cef6846a36ce0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _ix5iBb64na.L1JY7ymqDewgFGceFL7s
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: MzO8uMaYAGGeLSCsbI63QExWD7456Q1VwxWUBGM-GEIZW8aZQLC4ww==

GET
H2 200 16.fab21cf4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E1D6 17 KB
7 KB 60ms
59ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fab21cf4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

fa110ac06915e913fea0ad440e557cd75b95101504acc6a865efb5d7f0f34d95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 7944162
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"b451093ecfaa012f364641010ed13346"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mlbxReFt8YmdLvOZ4ChXgFfj8NP88809
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3TF-MN34ZmB472iVywfYdPKIO-prqu51CF060A7r5mCZO6c5JlhyMA==

GET
H2 200 7.30af169a.chunk.css
js.driftt.com/core/assets/css/ Frame E1D6 11 KB
3 KB 57ms
56ms Stylesheet
text/css 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/7.30af169a.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

4a9b0b449b77fd3cf250284f9c232b20dd193d8c538f059350594bc865847da9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:28:19 GMT
content-encoding: gzip
age: 1894959
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 01 Nov 2021 17:24:54 GMT
server: nginx
etag: W/"bd798c00af88b7523deb5a8065993250"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: i5VGTHkGJ3W10pB8.FdBO9KWoGwOWrOx
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xIi5nbVWt0yJ98evpKcTOPFttVLQVWkq9JWPgRYo1dzJECD9Kc1McA==

GET
H2 200 7.ba44d36f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E1D6 69 KB
21 KB 61ms
60ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.ba44d36f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

11d27d2ac15ed29e2769deb82c83901b218fba3535541af03b5e4e389a14b715

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:20:33 GMT
content-encoding: gzip
age: 73826
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:20 GMT
server: nginx
etag: W/"be9c30db45280cd93a65c217b5f439d1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .bsbrqRGd3KbBlvAQn091Ie3Hjs81RG5
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: H4mn2QCa33xyLqVuwsGuAi8llPJ8XJKyNzOhPMTffzNQi5PvDynwwQ==

GET
H2 200 14.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame E1D6 24 B
666 B 58ms
57ms Stylesheet
text/css 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/14.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
age: 9407921
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Fri, 06 Aug 2021 18:47:22 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: TvxaskXeU1vX5QWjGFtspdoYt.ZZ_9cE
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OL6kqe31_lvXdPsj0KmOY0eSGuhzRXhsKUSnjWVEx3def7J6qtvOmQ==

GET
H2 200 14.dad5b9c7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E1D6 73 KB
19 KB 63ms
62ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.dad5b9c7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

8d4842ea3131afb2c889435d7fa4da85c6692f42ad83a1b0087a47ed10c399fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:20:33 GMT
content-encoding: gzip
age: 73826
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:18 GMT
server: nginx
etag: W/"1ceab3facf2a332b3ff8f53bb8ae0178"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: NmuWzskZM7ZSDx59o.Nk.l7aO3PE2L6w
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6tew4PB7-HSezrTSX6RA_tVmOKxp_nxqbqJZBCdUVGjHio3SbpKqWQ==

GET
H2 200 20.59e51040.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E1D6 47 KB
13 KB 64ms
63ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.59e51040.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

1e5e3f29206ca046d131a9ea9db973a5a116a5f14c156db28e3a885381c40498

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:20:33 GMT
content-encoding: gzip
age: 73826
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:19 GMT
server: nginx
etag: W/"7902a4b6b2d44a9ebba2447498122c80"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EmTbJrdDKKXIAo2Rwx2ftAT657NYabgu
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EAc7xA81dF1T5exSOvnG6ltuPTEPf_qoj0DePBnO0kk6Adl3SW-jEQ==

GET
H2 200 12.46770405.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E1D6 40 KB
13 KB 65ms
65ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.46770405.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

c61a5b3616fe58f512ff682458b601c81bd8c0d47730a3efb958ff8c06000d5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:20:33 GMT
content-encoding: gzip
age: 73826
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:18 GMT
server: nginx
etag: W/"66dd9df5ec130240c8e1dc5074ff5d96"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Sh3cz2I3FOd_iqnGu_dJzYmjsz7yNbWC
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Q0xrlLFYLTl0PQFM1zdkM_hdLcrkyzD5auZ9FRl0a8dXreQbVFhvzA==

GET
H2 200 42.3b1c2441.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F874 47 KB
14 KB 60ms
49ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

7727399fe5d8441829176e6a661b540efaac1680120a1d7fb1235e258d70770b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=c5ehczpmgp3r&region=US&forceShow=false&skipCampaigns=false&sessionId=944c4ab3-cedc-410a-8a8f-af6e70abe255&sessionStarted=1637686258.8&campaignRefreshToken=81e696ed-7b1d-4d4b-8f85-d0bab77ca7c3&hideController=false&pageLoadStartTime=1637686257393&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:05:57 GMT
content-encoding: gzip
age: 4920302
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 27 Sep 2021 17:53:30 GMT
server: nginx
etag: W/"62fe06940598a98760a9eae46800ff59"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .VUhmN0wteSIOoD7zf42Fx9jVTzQPjY_
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dRIXx-EegLnR7P_bdOZ42k0nIf9WfCuitqZe4Feob2b_0c32etNBKQ==

GET
H2 200 17.cce21c2a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F874 44 KB
13 KB 54ms
49ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.cce21c2a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

cda9b31d709444e003d3adbfbdec43f093e405b36841fde5c1d187e439585219

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=c5ehczpmgp3r&region=US&forceShow=false&skipCampaigns=false&sessionId=944c4ab3-cedc-410a-8a8f-af6e70abe255&sessionStarted=1637686258.8&campaignRefreshToken=81e696ed-7b1d-4d4b-8f85-d0bab77ca7c3&hideController=false&pageLoadStartTime=1637686257393&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:05:57 GMT
content-encoding: gzip
age: 4920302
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 27 Sep 2021 17:53:29 GMT
server: nginx
etag: W/"565bf690dc82ce7e1f45c9647d892490"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: jEi2sT.oz2dMTnmIGznKkCTerYS6HNwY
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IIUv9ByWBfYJyYJoCJIkg5D1ExQtLdAPxyYCjtK1FzmUbJNyMiftuw==

GET
H2 200 35.3e4eba7e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F874 25 KB
8 KB 56ms
51ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.3e4eba7e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

41f7afd6088c39cdc0d6f910f7f4b6afbf6a2133533847e960a8ca906fabc1c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=c5ehczpmgp3r&region=US&forceShow=false&skipCampaigns=false&sessionId=944c4ab3-cedc-410a-8a8f-af6e70abe255&sessionStarted=1637686258.8&campaignRefreshToken=81e696ed-7b1d-4d4b-8f85-d0bab77ca7c3&hideController=false&pageLoadStartTime=1637686257393&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 7944162
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"b1a0f364c9ad5137b5ab8e5237a825b8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1I09NUqlw54C3qTPS3eShOaQpBS5lcLu
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1ur6nsRKCwlBc9_nDR_C1WN_-wiwM3OCKMelqFGh67yVSfD53TuEPA==

GET
H2 200 15.8065fdbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F874 16 KB
5 KB 56ms
52ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.8065fdbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=c5ehczpmgp3r&region=US&forceShow=false&skipCampaigns=false&sessionId=944c4ab3-cedc-410a-8a8f-af6e70abe255&sessionStarted=1637686258.8&campaignRefreshToken=81e696ed-7b1d-4d4b-8f85-d0bab77ca7c3&hideController=false&pageLoadStartTime=1637686257393&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 9407922
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"db60664de2c8d54d23e359c94e68f6ce"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3Lit_GR0K_e3yyTyyAPf_WyqhFyqI1X7
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mdo0snhgHaWEQU2Ldr8ebaVW92oC1PHtAt4td9Ps-YN0S5CPhoLBUQ==

GET
H2 200 19.5937a5b2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F874 72 KB
22 KB 57ms
52ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.5937a5b2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

2b4d9e531f3302ad49380ce5e5e160925956edb55179c63ee2bac32ab040d1a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=c5ehczpmgp3r&region=US&forceShow=false&skipCampaigns=false&sessionId=944c4ab3-cedc-410a-8a8f-af6e70abe255&sessionStarted=1637686258.8&campaignRefreshToken=81e696ed-7b1d-4d4b-8f85-d0bab77ca7c3&hideController=false&pageLoadStartTime=1637686257393&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:52:34 GMT
content-encoding: gzip
age: 4067905
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 07 Oct 2021 14:03:09 GMT
server: nginx
etag: W/"08aceb94bd26b0e431ca437d628e3c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PpKcHacqpQIWv5LlWxshj7GW7ctXBTRY
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: huJTw6mgLdKUVHTGqAbNQ0J1suO8cY2p0leSm6TfzaA1xkyh-09C_w==

GET
H2 200 32.04864e7d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F874 16 KB
6 KB 58ms
53ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.04864e7d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

af0ad47815cfcb0fc8402cf431dd782af68f2ba05752c66d9bb11a4354f65754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=c5ehczpmgp3r&region=US&forceShow=false&skipCampaigns=false&sessionId=944c4ab3-cedc-410a-8a8f-af6e70abe255&sessionStarted=1637686258.8&campaignRefreshToken=81e696ed-7b1d-4d4b-8f85-d0bab77ca7c3&hideController=false&pageLoadStartTime=1637686257393&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 7944162
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"3b6707d602c1f7d03c4c8b0bdecb8e4e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SPqSo.47y7907Wglh2zWsWSyACYHB_Zc
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YoWIrd_reIOKZ9jnDVbB01t8GVDsPlaqf0JRMIVzGcLi_7_nRaySCQ==

GET
H2 200 23.a53d721f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F874 59 KB
19 KB 63ms
58ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.a53d721f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=c5ehczpmgp3r&region=US&forceShow=false&skipCampaigns=false&sessionId=944c4ab3-cedc-410a-8a8f-af6e70abe255&sessionStarted=1637686258.8&campaignRefreshToken=81e696ed-7b1d-4d4b-8f85-d0bab77ca7c3&hideController=false&pageLoadStartTime=1637686257393&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:52:34 GMT
content-encoding: gzip
age: 4067905
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 07 Oct 2021 14:03:10 GMT
server: nginx
etag: W/"fe96cb8c4c390342c29d3c8cb0a4ca14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: v0Q3sUg3fAcXKBWqoZodUDobSoc9.NX8
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ckUMgbYAdZS3ZYv3ir6EkJueLZHnCWUNboEi1-HTTgpniai26w1j2g==

GET
H2 200 10.704ab67c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F874 91 KB
28 KB 63ms
59ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.704ab67c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=c5ehczpmgp3r&region=US&forceShow=false&skipCampaigns=false&sessionId=944c4ab3-cedc-410a-8a8f-af6e70abe255&sessionStarted=1637686258.8&campaignRefreshToken=81e696ed-7b1d-4d4b-8f85-d0bab77ca7c3&hideController=false&pageLoadStartTime=1637686257393&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 02:14:12 GMT
content-encoding: gzip
age: 4199807
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Oct 2021 13:21:52 GMT
server: nginx
etag: W/"50dcb170ca1ae1f4a09fe8f23065f2a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: F4c27N8Q48RzRrjWijYpmql7j.I4UKQs
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: U0x5B5yCbaVLr9SqWSfrsrH3w0TQ9NmIpAcumeHwkGFSAYzwmjEjVw==

GET
H2 200 9.a48906f3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F874 23 KB
7 KB 64ms
61ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.a48906f3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

5059bfed12587f496894f97319682ccb715e7748ae93dd2cafd6310e914f3870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=c5ehczpmgp3r&region=US&forceShow=false&skipCampaigns=false&sessionId=944c4ab3-cedc-410a-8a8f-af6e70abe255&sessionStarted=1637686258.8&campaignRefreshToken=81e696ed-7b1d-4d4b-8f85-d0bab77ca7c3&hideController=false&pageLoadStartTime=1637686257393&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 9407922
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:26 GMT
server: nginx
etag: W/"60e5547ed381473c15e63274bcd796b6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gA_0cz7CJfhJ8aNbtPMgs.3Fr8VDJHGb
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 03KSjM41Et7FScIg2tm2YWHJfJ7EW7SkmYUGkqTbeO46h47KSzpDmw==

GET
H2 200 13.c2156fc2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F874 62 KB
20 KB 65ms
61ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.c2156fc2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

f94ce8666bf003756c16b56edad5a0121b3516222d4f093bdb771afabfb2cc5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=c5ehczpmgp3r&region=US&forceShow=false&skipCampaigns=false&sessionId=944c4ab3-cedc-410a-8a8f-af6e70abe255&sessionStarted=1637686258.8&campaignRefreshToken=81e696ed-7b1d-4d4b-8f85-d0bab77ca7c3&hideController=false&pageLoadStartTime=1637686257393&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 21:49:43 GMT
content-encoding: gzip
age: 3697276
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 11 Oct 2021 21:20:00 GMT
server: nginx
etag: W/"b94404e76324bd4454531b2e0a54f7bb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: dduSgTmTEeX.c1xrsh3Cd4WUJFtbN06M
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -i4ABJWdEU6IqmHsatKk9C_vhPRdI49oZkXv3kzf2pZbYh_HzsDgjw==

GET
H2 200 40.01f4f7b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F874 105 KB
34 KB 66ms
62ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.01f4f7b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

71f918c131027703d4692c7e7cc9d46fc09554fc2b211e60f12e8fea8360deb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=c5ehczpmgp3r&region=US&forceShow=false&skipCampaigns=false&sessionId=944c4ab3-cedc-410a-8a8f-af6e70abe255&sessionStarted=1637686258.8&campaignRefreshToken=81e696ed-7b1d-4d4b-8f85-d0bab77ca7c3&hideController=false&pageLoadStartTime=1637686257393&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 7944162
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:08 GMT
server: nginx
etag: W/"7dd9b27f83583b6d43567ed4b21eff8c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9jXV8w0bWzHPQtgsCAjrFrN9PLNAN.Ap
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TrjCLUmx7-UuFCsVtGelVgp0tPz6aoryS6dgD6VtuASNKFLnqZXoKQ==

GET
H2 200 33.c1910d43.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F874 12 KB
4 KB 68ms
65ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.c1910d43.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

c2d8b5ed5baf711d51629607797e32e5ff638637a0091598427eac4908dbae47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=c5ehczpmgp3r&region=US&forceShow=false&skipCampaigns=false&sessionId=944c4ab3-cedc-410a-8a8f-af6e70abe255&sessionStarted=1637686258.8&campaignRefreshToken=81e696ed-7b1d-4d4b-8f85-d0bab77ca7c3&hideController=false&pageLoadStartTime=1637686257393&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 7944162
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"0e451f1cf9656229ccd33dfa3ad0638d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ocjv..MVaCaOGNo5kiC5l3ewWVKjMwbS
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Sb4QBzK95EW57Qvf_yGxZj1vqC-A3bbGh6RjfoTfWZzl5rz-9kPF5A==

GET
H2 200 25.b7a0bf53.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F874 12 KB
5 KB 69ms
66ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.b7a0bf53.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

c87e0e31334c6998b90c83d48eff6252a248120d32b376414965e1421203c901

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=c5ehczpmgp3r&region=US&forceShow=false&skipCampaigns=false&sessionId=944c4ab3-cedc-410a-8a8f-af6e70abe255&sessionStarted=1637686258.8&campaignRefreshToken=81e696ed-7b1d-4d4b-8f85-d0bab77ca7c3&hideController=false&pageLoadStartTime=1637686257393&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:52:36 GMT
content-encoding: gzip
age: 4067903
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 07 Oct 2021 14:03:10 GMT
server: nginx
etag: W/"808f7c7829001881a39cef6846a36ce0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _ix5iBb64na.L1JY7ymqDewgFGceFL7s
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jnheqvJqaxFIrwgcaWgRNJ2xcxZav_isFyUnf4wNnohO37MTtZOPIA==

GET
H2 200 16.fab21cf4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F874 17 KB
7 KB 70ms
67ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fab21cf4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

fa110ac06915e913fea0ad440e557cd75b95101504acc6a865efb5d7f0f34d95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=c5ehczpmgp3r&region=US&forceShow=false&skipCampaigns=false&sessionId=944c4ab3-cedc-410a-8a8f-af6e70abe255&sessionStarted=1637686258.8&campaignRefreshToken=81e696ed-7b1d-4d4b-8f85-d0bab77ca7c3&hideController=false&pageLoadStartTime=1637686257393&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 7944162
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"b451093ecfaa012f364641010ed13346"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mlbxReFt8YmdLvOZ4ChXgFfj8NP88809
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 72b-KyovNU_-rrhwYmGrvq1tMwUR6wdrZDi4Tf6QxWMS841UlJbgyg==

GET
H2 200 7.30af169a.chunk.css
js.driftt.com/core/assets/css/ Frame F874 11 KB
3 KB 52ms
50ms Stylesheet
text/css 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/7.30af169a.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

4a9b0b449b77fd3cf250284f9c232b20dd193d8c538f059350594bc865847da9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=c5ehczpmgp3r&region=US&forceShow=false&skipCampaigns=false&sessionId=944c4ab3-cedc-410a-8a8f-af6e70abe255&sessionStarted=1637686258.8&campaignRefreshToken=81e696ed-7b1d-4d4b-8f85-d0bab77ca7c3&hideController=false&pageLoadStartTime=1637686257393&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:28:19 GMT
content-encoding: gzip
age: 1894960
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 01 Nov 2021 17:24:54 GMT
server: nginx
etag: W/"bd798c00af88b7523deb5a8065993250"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: i5VGTHkGJ3W10pB8.FdBO9KWoGwOWrOx
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RjkQzZHJxIPbDCllUbCYsBTWPc5euSja8afpbAx_RODpQ86Ym9RhHw==

GET
H2 200 7.ba44d36f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F874 69 KB
21 KB 71ms
68ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.ba44d36f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

11d27d2ac15ed29e2769deb82c83901b218fba3535541af03b5e4e389a14b715

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=c5ehczpmgp3r&region=US&forceShow=false&skipCampaigns=false&sessionId=944c4ab3-cedc-410a-8a8f-af6e70abe255&sessionStarted=1637686258.8&campaignRefreshToken=81e696ed-7b1d-4d4b-8f85-d0bab77ca7c3&hideController=false&pageLoadStartTime=1637686257393&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:20:33 GMT
content-encoding: gzip
age: 73826
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:20 GMT
server: nginx
etag: W/"be9c30db45280cd93a65c217b5f439d1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .bsbrqRGd3KbBlvAQn091Ie3Hjs81RG5
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IELI-cLE1gdKTJmpkQUi36cd1qmwwpaiEHg2y5bIh_gNjoA69q8GDA==

GET
H2 200 14.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame F874 24 B
666 B 52ms
50ms Stylesheet
text/css 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/14.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=c5ehczpmgp3r&region=US&forceShow=false&skipCampaigns=false&sessionId=944c4ab3-cedc-410a-8a8f-af6e70abe255&sessionStarted=1637686258.8&campaignRefreshToken=81e696ed-7b1d-4d4b-8f85-d0bab77ca7c3&hideController=false&pageLoadStartTime=1637686257393&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
age: 9407922
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Fri, 06 Aug 2021 18:47:22 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: TvxaskXeU1vX5QWjGFtspdoYt.ZZ_9cE
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Vh_zJU3nLitWR1BLBXHGi5EjApSx3RHg-kxcUAg8K3-jVO9489vmhQ==

GET
H2 200 14.dad5b9c7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F874 73 KB
19 KB 71ms
69ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.dad5b9c7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

8d4842ea3131afb2c889435d7fa4da85c6692f42ad83a1b0087a47ed10c399fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=c5ehczpmgp3r&region=US&forceShow=false&skipCampaigns=false&sessionId=944c4ab3-cedc-410a-8a8f-af6e70abe255&sessionStarted=1637686258.8&campaignRefreshToken=81e696ed-7b1d-4d4b-8f85-d0bab77ca7c3&hideController=false&pageLoadStartTime=1637686257393&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:20:33 GMT
content-encoding: gzip
age: 73826
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:18 GMT
server: nginx
etag: W/"1ceab3facf2a332b3ff8f53bb8ae0178"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: NmuWzskZM7ZSDx59o.Nk.l7aO3PE2L6w
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BXYd7zz4TahVjrlMdNkCugj7a-sZ1oDbS26d7yFpfA5JpEfU2dn63g==

GET
H2 200 20.59e51040.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F874 47 KB
13 KB 72ms
70ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.59e51040.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

1e5e3f29206ca046d131a9ea9db973a5a116a5f14c156db28e3a885381c40498

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=c5ehczpmgp3r&region=US&forceShow=false&skipCampaigns=false&sessionId=944c4ab3-cedc-410a-8a8f-af6e70abe255&sessionStarted=1637686258.8&campaignRefreshToken=81e696ed-7b1d-4d4b-8f85-d0bab77ca7c3&hideController=false&pageLoadStartTime=1637686257393&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:20:33 GMT
content-encoding: gzip
age: 73826
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:19 GMT
server: nginx
etag: W/"7902a4b6b2d44a9ebba2447498122c80"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EmTbJrdDKKXIAo2Rwx2ftAT657NYabgu
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QQVjtROpDI4_cU0kLYx910ja5UxxkRzrbkVNlGdr5d4nrLV6YC8Eog==

GET
H2 200 12.46770405.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F874 40 KB
13 KB 73ms
71ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.46770405.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

c61a5b3616fe58f512ff682458b601c81bd8c0d47730a3efb958ff8c06000d5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=c5ehczpmgp3r&region=US&forceShow=false&skipCampaigns=false&sessionId=944c4ab3-cedc-410a-8a8f-af6e70abe255&sessionStarted=1637686258.8&campaignRefreshToken=81e696ed-7b1d-4d4b-8f85-d0bab77ca7c3&hideController=false&pageLoadStartTime=1637686257393&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:20:33 GMT
content-encoding: gzip
age: 73826
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:18 GMT
server: nginx
etag: W/"66dd9df5ec130240c8e1dc5074ff5d96"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Sh3cz2I3FOd_iqnGu_dJzYmjsz7yNbWC
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: aHFkMTHHUurQmTEeVRy0gTMMhKxgqVC-Lh8yplnuaZzmOPs52tumGg==

POST
H2 200 QMNMPUQDDBBSXKRLZCC4BD
d.adroll.com/pex/ 42 B
124 B 47ms
47ms Ping
image/gif 35.174.191.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/pex/QMNMPUQDDBBSXKRLZCC4BD?adroll_fpc=73c6aeb4788c5e2ef030321701dff54f-1637686258269&arrfrr=https%3A%2F%2Fweshield.us%2F%3Futm_medium%3Demail%26_hsmi%3D186353448%26_hsenc%3Dp2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw%26utm_content%3D186353448%26utm_source%3Dhs_automation&xid_ch=f&ev=xidctx&es=%7BSrk-kLH-Sz-H%7D&esv=&pv=77984951510.46645
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/QMNMPUQDDBBSXKRLZCC4BD/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.191.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-191-125.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://weshield.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 23 Nov 2021 16:50:59 GMT
server: nginx/1.20.0
content-length: 42
content-type: image/gif

GET
H2 200 30.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame E1D6 3 KB
1 KB 41ms
40ms Stylesheet
text/css 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/30.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:28:20 GMT
content-encoding: gzip
age: 1894959
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 01 Nov 2021 17:24:54 GMT
server: nginx
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GBOBYZXPfE_Um1Sf_mqL4fDHmw8hrH5J
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: w1fkrjdSsp7PPY0U8InMwcVEt4m7QKCAiZpXmwmnwCaoOwEsNCJqmA==

GET
H2 200 30.025287d0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E1D6 3 KB
2 KB 41ms
41ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.025287d0.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

f5642eea8890a1123d9a49ae8efd66755a53d6b44301249f5d9b27b21acab85d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 14:52:26 GMT
content-encoding: gzip
age: 1562313
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 05 Nov 2021 14:12:32 GMT
server: nginx
etag: W/"f592b825cca98e86b19c3c23a7bc0d4f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: a6HLBQKMhG_EVQxQQ4E8g0hI6_AoNhGH
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gVy7Y6lBVtKctzqZCxwL_AenIfvhvQCXLCC5KlYMnDFIoLkcPpHXOw==

GET
H2 200 22.e10510b6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F874 42 KB
12 KB 42ms
40ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.e10510b6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

b0257060098cdc51166f35b62e7dd8f0c5f8d6cfa319901c0c51a629537e02fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=c5ehczpmgp3r&region=US&forceShow=false&skipCampaigns=false&sessionId=944c4ab3-cedc-410a-8a8f-af6e70abe255&sessionStarted=1637686258.8&campaignRefreshToken=81e696ed-7b1d-4d4b-8f85-d0bab77ca7c3&hideController=false&pageLoadStartTime=1637686257393&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 01:13:23 GMT
content-encoding: gzip
age: 3425856
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 14 Oct 2021 21:28:22 GMT
server: nginx
etag: W/"a99459752bee496e4af7c45277fd9c26"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: T8L5krx2cqygd71cKnQ.RlFky1lNaO_x
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: AQM0rs3aeP_3PomhhJWV8H55LHC-iK7qxdYPaQ4d9FI5gvHSoWNHDA==

GET
H2 200 24.49c6961c.chunk.css
js.driftt.com/core/assets/css/ Frame F874 8 KB
2 KB 44ms
42ms Stylesheet
text/css 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/24.49c6961c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

578cda2391db4e4d761ae5c4f05c03614d0ea8fec0b260edc036cc0bbdfcdd93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=c5ehczpmgp3r&region=US&forceShow=false&skipCampaigns=false&sessionId=944c4ab3-cedc-410a-8a8f-af6e70abe255&sessionStarted=1637686258.8&campaignRefreshToken=81e696ed-7b1d-4d4b-8f85-d0bab77ca7c3&hideController=false&pageLoadStartTime=1637686257393&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:52:38 GMT
content-encoding: gzip
age: 4067901
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 07 Oct 2021 14:03:07 GMT
server: nginx
etag: W/"f80cd64e339375567091159cb077b941"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Jae8JqW663dCPtKcAWnt.q.y_JeyJDGP
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: e-VlX1gIN8bh1LlcrBTbeAGG9AZnoIHsON-goSNz6uSH41D8eocEEQ==

GET
H2 200 24.3632c295.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F874 12 KB
5 KB 45ms
44ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.3632c295.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

9b9cb5ed20b53ea6b4ea1ff2355f4503a2b3a0811b5eea90a46d87932d45a077

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=c5ehczpmgp3r&region=US&forceShow=false&skipCampaigns=false&sessionId=944c4ab3-cedc-410a-8a8f-af6e70abe255&sessionStarted=1637686258.8&campaignRefreshToken=81e696ed-7b1d-4d4b-8f85-d0bab77ca7c3&hideController=false&pageLoadStartTime=1637686257393&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:20:33 GMT
content-encoding: gzip
age: 73826
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:19 GMT
server: nginx
etag: W/"9cc1c16b32b5203ded0936e43a26c2b5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: aJ.POfjp1rnB8zITMt9sDj2VJw6PHXza
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ajS4vKh3ZbECCiS-KVOD78JlteP3jGv4eGrBVrposAv_ZlidsdfL_g==

GET
H2 200 18.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame F874 365 B
1008 B 45ms
43ms Stylesheet
text/css 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/18.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=c5ehczpmgp3r&region=US&forceShow=false&skipCampaigns=false&sessionId=944c4ab3-cedc-410a-8a8f-af6e70abe255&sessionStarted=1637686258.8&campaignRefreshToken=81e696ed-7b1d-4d4b-8f85-d0bab77ca7c3&hideController=false&pageLoadStartTime=1637686257393&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:05:57 GMT
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
age: 4920302
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Mon, 27 Sep 2021 17:53:27 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2nl84_Ynkb7J4eflOi4MBL9RG1iL8udX
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DzLERS7O5MaXM9jYlA1lguMi1dbnXiFY3rRN71vHlEzLwUszGpB4FQ==

GET
H2 200 18.c447861e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F874 84 KB
23 KB 46ms
45ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.c447861e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

4193c906068e59efea49bf877ce6259a7befce4828660f7a37b12ec3a84c1ecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=c5ehczpmgp3r&region=US&forceShow=false&skipCampaigns=false&sessionId=944c4ab3-cedc-410a-8a8f-af6e70abe255&sessionStarted=1637686258.8&campaignRefreshToken=81e696ed-7b1d-4d4b-8f85-d0bab77ca7c3&hideController=false&pageLoadStartTime=1637686257393&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:20:33 GMT
content-encoding: gzip
age: 73826
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:19 GMT
server: nginx
etag: W/"3b88d372f3f4b68e7db793505ae832ff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Bqtp7eTmaldDqB3daSJ_RyU8KrAlWdFv
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UAziiMdPGKzw2KIeTfpIqBEw_ksxtQ6illISrAH-CPbL8rvvMaAR8A==

GET
H2 200 1.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame E1D6 7 KB
2 KB 43ms
42ms Stylesheet
text/css 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 11999179
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:06 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hdWMgNKvLwZcep5QH7m9bqoRE1.SuP2b
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gqMruN1nPtsFygFHP0uaBE2AOc6UNs2z5LyDeorBJve2UomLqsDVqg==

GET
H2 200 1.187c50a5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E1D6 54 KB
16 KB 44ms
43ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.187c50a5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

a3075e2c162e41c4962a4221ae035dd607d895bd424e87aa4065a044c43763e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:00 GMT
content-encoding: gzip
age: 9593639
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:23:59 GMT
server: nginx
etag: W/"eeccccb655ee3b6bcb8b1a9b1da4fd30"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .bVTg0MSlE6rXjintZc.g75plFKA2.sd
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oJB72niOApj9CzHK7TjtOSaJKVd0puO51EslJCCiRMNr2lzbmDkt8g==

GET
H2 200 0.6d90a433.chunk.css
js.driftt.com/core/assets/css/ Frame E1D6 44 KB
7 KB 44ms
43ms Stylesheet
text/css 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/0.6d90a433.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

bf8e028caa6730932640ad679e31fe66ff9663aa29e214d151a889196081f9e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 20:12:39 GMT
content-encoding: gzip
age: 506300
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 17 Nov 2021 19:25:04 GMT
server: nginx
etag: W/"408c59571162a79ac16fc96c1273f0f2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8XLpsu9QAcQ0ItiVWO5brdd1N5g2sOHJ
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: o6zDKPOSJ9kwS-F1PtxeBkR8T_cuG-D9A0k7BhAU_XOLaM4lYVLanQ==

GET
H2 200 0.8116ab4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E1D6 70 KB
24 KB 44ms
44ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.8116ab4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

3cae95b041db640339eae18d74c546f8d7e9fb76e53a1e7cb15d9e8adea93d04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:20:33 GMT
content-encoding: gzip
age: 73826
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:18 GMT
server: nginx
etag: W/"82e5821e8a29a3377c71a9e85ea8d994"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8BhhXuxBMr6aey5WYe68V.Mg04pcfE1J
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vMpJM-ofPBqXDuOwT6aHNhxqACjEfTd8JH_G5Avzh-g7XnTZOIsb7g==

GET
H2 200 29.a4eacd1c.chunk.css
js.driftt.com/core/assets/css/ Frame E1D6 11 KB
2 KB 47ms
46ms Stylesheet
text/css 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/29.a4eacd1c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

e2fc570495ce9f73780336d692d1caf5d299d81a0208243f97dacb7f345cdf15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 20:12:39 GMT
content-encoding: gzip
age: 506300
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 17 Nov 2021 19:25:04 GMT
server: nginx
etag: W/"5fcabdf983fd5bbf7cb199063137d146"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: k82F8FaNpkIB_WK109g86MbRHlA8U_6q
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LhqhB9Mb2EIugjwcT9au0Ng8KV3CH8ZpKNEmRxBL-VEZv12xD93_7Q==

GET
H2 200 29.73b9ccf9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E1D6 11 KB
5 KB 47ms
46ms Script
application/javascript 13.226.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.73b9ccf9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-37-17.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

61c5e0ee01b43350fc63d6540019ca4a1a2fec438e09e225b715a442a63115f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637686257393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 22:13:05 GMT
content-encoding: gzip
age: 499074
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 17 Nov 2021 21:01:38 GMT
server: nginx
etag: W/"08a72aad434f11567a747fd67be2d3fb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qicBCcKgTenss1sMR3kJQz8teIQSYJPA
via: 1.1 b0ff224008cc113345fc49da87d20e9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yvcTIF2pXGDYfqv5ldGGP7_RHTIDQY9yT7jlDkJLsXrREuMo13IPHg==

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 204ms
48ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 23 Nov 2021 16:50:59 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift9137cd44d228dd9f8aca7bd14f7
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame F874 25 B
122 B 58ms
57ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 23 Nov 2021 16:50:59 GMT
server: istio-envoy
requestid: fcae1332cdd041b8
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 12
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame F874 126 B
223 B 47ms
47ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

b1dc2324e6515fe7a2c2065ec59b60ec81e96f3d57d652b73f2100ea914fcafc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 23 Nov 2021 16:50:59 GMT
server: istio-envoy
requestid: b316bbe552690cca
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 126
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 160ms
49ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 23 Nov 2021 16:50:59 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift401f85f42dba71ae86533ffee4f
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

GET
H2 200 c5ehczpmgp3r.json Show response
embeds.driftcdn.com/embeds/ Frame F874 14 KB
5 KB 229ms
132ms XHR
application/json 13.225.63.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.driftcdn.com/embeds/c5ehczpmgp3r.json
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-33.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7ceac3946ca9c9a565d7819b861cc73c3bda4eb35bac27de07d6da4cdd4855ea

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:51:00 GMT
content-encoding: gzip
x-amz-cf-pop: EWR53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Mon, 08 Nov 2021 20:54:18 GMT
server: AmazonS3
etag: W/"feb922116648b1a90d80f7b07fd7d9b3"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
via: 1.1 285f391916b519587cefa0e29513e1ed.cloudfront.net (CloudFront)
cache-control: public, max-age=30
x-amz-cf-id: fC9Gh4ulHiqigBTwk7XjqnYXGYmxTTGc5fB6Xetm2RtLpOK_olNHcQ==

GET
H2 200 h9.png
weshield.us/wp-content/uploads/2020/07/ 30 KB
31 KB 66ms
65ms Image
image/png 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weshield.us/wp-content/uploads/2020/07/h9.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: 76944cf8f00598fe5f6057260463a7929c82f5082d36243b8229f4a36cdd967b

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:59 GMT
last-modified: Tue, 07 Jul 2020 10:53:21 GMT
server: nginx
etag: "5f045421-79b2"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 31154

GET
H2 200 h8.png
weshield.us/wp-content/uploads/2020/07/ 55 KB
55 KB 87ms
86ms Image
image/png 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weshield.us/wp-content/uploads/2020/07/h8.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: 7c48a5404497ffe78e5207b03b9e4cefb0fd12540b09a822d2432381bdc07a15

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:59 GMT
last-modified: Tue, 07 Jul 2020 10:53:23 GMT
server: nginx
etag: "5f045423-dd01"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 56577

GET
H2 200 h6-1.png
weshield.us/wp-content/uploads/2020/07/ 63 KB
63 KB 108ms
107ms Image
image/png 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weshield.us/wp-content/uploads/2020/07/h6-1.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: c8d4012b0e524d4e16cb319e2bb274fd6b1f8dee48c6b1e1b5d337c470ecde5a

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:59 GMT
last-modified: Tue, 07 Jul 2020 11:06:34 GMT
server: nginx
etag: "5f04573a-fcc6"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 64710

GET
H2 200 1556825026871.png
weshield.us/wp-content/uploads/2021/08/ 12 KB
12 KB 110ms
109ms Image
image/png 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weshield.us/wp-content/uploads/2021/08/1556825026871.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: 63401c4f0b968067b3c836a17c530390644884ac1c1d504cc2f4c41fd023cfc9

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:59 GMT
last-modified: Fri, 06 Aug 2021 16:29:09 GMT
server: nginx
etag: "610d6355-3121"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 12577

GET
H2 200 we-are-weshield1-600x555.jpg
weshield.us/wp-content/uploads/2020/06/ 22 KB
22 KB 111ms
110ms Image
image/jpeg 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weshield.us/wp-content/uploads/2020/06/we-are-weshield1-600x555.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: aeef287c268b412473c10dd6a2f18244e3c1f9fffc62f0e1bc2b28cf0e2d9169

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:50:59 GMT
last-modified: Sat, 13 Jun 2020 06:21:22 GMT
server: nginx
etag: "5ee47062-5859"
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 22617

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 71ms
70ms Image
image/gif 23.217.47.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=66a0a0da9c6dc1786ff2a181917e1fe4&svisitor=44c8d9172c750000f11b9d61d002000059010000&session=a0bf2848-508e-48a1-8f30-740499b0cc71&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2023%20Nov%202021%2016%3A50%3A59%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2023%20Nov%202021%2016%3A50%3A58%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%222004%22%7D&isIframe=false&m=%7B%22description%22%3A%22We%20Shield%20provides%20Personal%20Protective%20Equipment%20(PPE)%20and%20Safety%20Supplies%20to%20organizations%20and%20businesses%20that%20value%20people%20for%20what%20they%20are%2C%20their%20most%20valued%20asset.%20Order%20today.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22PPE%20(Personal%20protective%20equipment)%20%2F%20Kits%20%26amp%3B%20Safety%20Supplies%20-%20We%20Shield%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fweshield.us%2F%3Futm_medium%3Demail%26_hsmi%3D186353448%26_hsenc%3Dp2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw%26utm_content%3D186353448%26utm_source%3Dhs_automation&pageViewId=0e044f24-89a9-492f-85eb-ed681386bbbb&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.47.10 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-47-10.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 16:50:59 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Tue, 05 Oct 2021 22:17:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615ccf10-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 68ms
67ms Image
image/gif 23.217.47.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=66a0a0da9c6dc1786ff2a181917e1fe4&svisitor=44c8d9172c750000f11b9d61d002000059010000&session=a0bf2848-508e-48a1-8f30-740499b0cc71&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2023%20Nov%202021%2016%3A51%3A00%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2023%20Nov%202021%2016%3A50%3A59%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223005%22%7D&isIframe=false&m=%7B%22description%22%3A%22We%20Shield%20provides%20Personal%20Protective%20Equipment%20(PPE)%20and%20Safety%20Supplies%20to%20organizations%20and%20businesses%20that%20value%20people%20for%20what%20they%20are%2C%20their%20most%20valued%20asset.%20Order%20today.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22PPE%20(Personal%20protective%20equipment)%20%2F%20Kits%20%26amp%3B%20Safety%20Supplies%20-%20We%20Shield%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fweshield.us%2F%3Futm_medium%3Demail%26_hsmi%3D186353448%26_hsenc%3Dp2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw%26utm_content%3D186353448%26utm_source%3Dhs_automation&pageViewId=0e044f24-89a9-492f-85eb-ed681386bbbb&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.47.10 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-47-10.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 16:51:00 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame F874 25 B
88 B 66ms
66ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 23 Nov 2021 16:51:01 GMT
server: istio-envoy
requestid: 5aa8f846de829013
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 20
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 47ms
47ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 23 Nov 2021 16:51:01 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftfc52a034546947bcd92edefcd21
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

GET
H2 200 h7.png
weshield.us/wp-content/uploads/2020/07/ 37 KB
37 KB 67ms
65ms Image
image/png 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weshield.us/wp-content/uploads/2020/07/h7.png
Requested by: Host: weshield.us
URL: https://weshield.us/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.8.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: d3da1b047cdd9633efb12c06b5fee9cd65580f667167c2a9e17c45df60b1cef1

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:51:01 GMT
last-modified: Tue, 07 Jul 2020 11:09:32 GMT
server: nginx
etag: "5f0457ec-9390"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 37776

GET
H2 200 h5.png
weshield.us/wp-content/uploads/2020/07/ 8 KB
8 KB 87ms
86ms Image
image/png 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weshield.us/wp-content/uploads/2020/07/h5.png
Requested by: Host: weshield.us
URL: https://weshield.us/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.8.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: 83343010d7e09baf490a9c546fcd7c0887db327d83748232e38df824a45a1fc8

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:51:01 GMT
last-modified: Mon, 06 Jul 2020 17:12:43 GMT
server: nginx
etag: "5f035b8b-200f"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 8207

GET
H2 200 h1.png
weshield.us/wp-content/uploads/2020/07/ 13 KB
14 KB 88ms
87ms Image
image/png 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weshield.us/wp-content/uploads/2020/07/h1.png
Requested by: Host: weshield.us
URL: https://weshield.us/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.8.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: 0462db40ca86267ce028b18ca9e0d19e6f0f0aa9cb1a09c94f5c42f3e68446d3

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:51:01 GMT
last-modified: Mon, 06 Jul 2020 17:12:19 GMT
server: nginx
etag: "5f035b73-359b"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 13723

GET
H2 200 h4.png
weshield.us/wp-content/uploads/2020/07/ 17 KB
17 KB 88ms
87ms Image
image/png 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weshield.us/wp-content/uploads/2020/07/h4.png
Requested by: Host: weshield.us
URL: https://weshield.us/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.8.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: 7a747f5d631f4592f200c7f0767adf33fcbe4940fb666ac1d19114d1478b5766

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:51:01 GMT
last-modified: Mon, 06 Jul 2020 17:12:42 GMT
server: nginx
etag: "5f035b8a-42b6"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 17078

GET
H2 200 h3.png
weshield.us/wp-content/uploads/2020/07/ 28 KB
28 KB 108ms
107ms Image
image/png 45.33.94.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weshield.us/wp-content/uploads/2020/07/h3.png
Requested by: Host: weshield.us
URL: https://weshield.us/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.8.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.94.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1077-74.members.linode.com
Software: nginx /
Resource Hash: c685f6fca95f424a91696b69acfd8c273b9c2b20d1dd12489e7d90558b56e222

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/?utm_medium=email&_hsmi=186353448&_hsenc=p2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw&utm_content=186353448&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:51:01 GMT
last-modified: Mon, 06 Jul 2020 17:12:36 GMT
server: nginx
etag: "5f035b84-6e49"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 28233

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 69ms
69ms Image
image/gif 23.217.47.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=66a0a0da9c6dc1786ff2a181917e1fe4&svisitor=44c8d9172c750000f11b9d61d002000059010000&session=a0bf2848-508e-48a1-8f30-740499b0cc71&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2023%20Nov%202021%2016%3A51%3A01%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2023%20Nov%202021%2016%3A51%3A00%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%224007%22%7D&isIframe=false&m=%7B%22description%22%3A%22We%20Shield%20provides%20Personal%20Protective%20Equipment%20(PPE)%20and%20Safety%20Supplies%20to%20organizations%20and%20businesses%20that%20value%20people%20for%20what%20they%20are%2C%20their%20most%20valued%20asset.%20Order%20today.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22PPE%20(Personal%20protective%20equipment)%20%2F%20Kits%20%26amp%3B%20Safety%20Supplies%20-%20We%20Shield%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fweshield.us%2F%3Futm_medium%3Demail%26_hsmi%3D186353448%26_hsenc%3Dp2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw%26utm_content%3D186353448%26utm_source%3Dhs_automation&pageViewId=0e044f24-89a9-492f-85eb-ed681386bbbb&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.47.10 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-47-10.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 16:51:01 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Tue, 05 Oct 2021 22:17:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615ccf10-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 68ms
67ms Image
image/gif 23.217.47.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=66a0a0da9c6dc1786ff2a181917e1fe4&svisitor=44c8d9172c750000f11b9d61d002000059010000&session=a0bf2848-508e-48a1-8f30-740499b0cc71&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2023%20Nov%202021%2016%3A51%3A02%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2023%20Nov%202021%2016%3A51%3A01%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225008%22%7D&isIframe=false&m=%7B%22description%22%3A%22We%20Shield%20provides%20Personal%20Protective%20Equipment%20(PPE)%20and%20Safety%20Supplies%20to%20organizations%20and%20businesses%20that%20value%20people%20for%20what%20they%20are%2C%20their%20most%20valued%20asset.%20Order%20today.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22PPE%20(Personal%20protective%20equipment)%20%2F%20Kits%20%26amp%3B%20Safety%20Supplies%20-%20We%20Shield%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fweshield.us%2F%3Futm_medium%3Demail%26_hsmi%3D186353448%26_hsenc%3Dp2ANqtz-9mjrO9L88lan5DnEGodJzTTRoCdfBh1neVuYjdpx3h3LaJuTQrSh8ns_vni2vJKNXtjXZtUg65f-JflZrLcxLzPE-zNkitr6C0lQsh_Xi5gqZ5dBw%26utm_content%3D186353448%26utm_source%3Dhs_automation&pageViewId=0e044f24-89a9-492f-85eb-ed681386bbbb&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.47.10 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-47-10.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://weshield.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 16:51:02 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Tue, 05 Oct 2021 22:17:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615ccf10-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

67 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 03:13:58	Name: _GRECAPTCHA Value: 09ABBMTcPaexXr9-ooEfzBMUScq-TN-ylysePQYEYTBpQJrx64xUck4rwfGrn5Cy6lrl_GWQrFkZiMMxGk5OXoJwg
.order.weshield.us/	1969-12-31 23:59:59	Name: __cfruid Value: 2f39826eaa85bd65df4cfa17dc20b3bd5d730a91-1637686256
.pxl.iqm.com/	1970-01-19 23:37:58	Name: iqm.retarget.uid Value: 12c26463-0c04-4e61-8ff5-b8222d2d729b
.6sc.co/	1970-01-20 16:25:58	Name: 6suuid Value: 44c8d9172c750000f11b9d61d002000059010000
.pxl.iqm.com/	1970-01-19 22:54:46	Name: tag.iqm.dsp.initiated Value: true
.pxl.iqm.com/	1970-01-19 23:37:58	Name: liveramp Value: MTYzODg5NTg1Nzc5Ng==
.pxl.iqm.com/	1970-01-19 23:37:58	Name: semcasting Value: MTYzODg5NTg1Nzc5Ng==
.weshield.us/	1970-01-20 01:04:22	Name: _gcl_au Value: 1.1.392105299.1637686258
.rlcdn.com/	1970-01-20 07:40:22	Name: rlas3 Value: jvgV6VkOVcq0qdagVO4M2gxBH24lVaFqaW4TXxPml2I=
.linkedin.com/	1970-01-20 01:04:22	Name: li_sugr Value: 133eace5-a241-42b5-8d51-5b581b313a9f
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:26:40	Name: bcookie Value: "v=2&71f1ea5c-0a9f-464d-8939-63c89b1ceb9b"
.linkedin.com/	1970-01-19 22:56:12	Name: lidc Value: "b=VGST03:s=V:r=V:a=V:p=V:g=2463:u=1:x=1:i=1637686258:t=1637772658:v=2:sig=AQFfXqN_1dkp-0eLB8QsOQmSwI5Mt8nP"
weshield.us/	1970-01-20 16:25:58	Name: _gd_svisitor Value: 44c8d9172c750000f11b9d61d002000059010000
.casalemedia.com/	1970-01-20 07:40:22	Name: CMID Value: YZ0b8vcSmKcma7DZKhhl5QAA
.casalemedia.com/	1970-01-20 01:04:22	Name: CMPS Value: 514
.weshield.us/	1970-01-20 01:04:22	Name: _fbp Value: fb.1.1637686258096.1186652848
weshield.us/	1970-01-19 23:04:51	Name: _an_uid Value: 0
weshield.us/	1970-01-20 16:25:58	Name: _gd_visitor Value: f9f65d84-b121-4b15-868f-1c3ae798ee51
weshield.us/	1970-01-19 22:55:00	Name: _gd_session Value: a0bf2848-508e-48a1-8f30-740499b0cc71
.pubmatic.com/	1970-01-19 22:56:12	Name: KTPCACOOKIE Value: YES
.weshield.us/	1970-01-20 16:25:58	Name: _ga Value: GA1.2.2139748818.1637686258
.weshield.us/	1970-01-19 22:56:12	Name: _gid Value: GA1.2.854914554.1637686258
.weshield.us/	1970-01-19 22:54:46	Name: _gat_UA-169184952-1 Value: 1
.rlcdn.com/	1970-01-20 00:21:10	Name: pxrc Value: CPK39IwGEgUI6AcQABIFCOhHEAA=
.tremorhub.com/	1970-01-20 07:40:43	Name: tvid Value: 32e7dcec4b2a4cd9b569ac125a99d12f
.tremorhub.com/	1970-01-20 16:26:40	Name: tv_UIIQ Value: 12c26463-0c04-4e61-8ff5-b8222d2d729b
.advertising.com/	1970-01-20 07:41:48	Name: APID Value: UP88310716-4c7d-11ec-90e3-0e5762b885b3
.casalemedia.com/	1970-01-20 01:04:22	Name: CMPRO Value: 031
.casalemedia.com/	1970-01-20 07:40:22	Name: CMRUM3 Value: b2619d1bf2276012c26463-0c04-4e61-8ff5-b8222d2d729b
.casalemedia.com/	1970-01-19 22:56:12	Name: CMST Value: YZ0b8mGdG-IA
.pubmatic.com/	1970-01-20 01:04:22	Name: KADUSERCOOKIE Value: E646101E-1B21-4DA2-90F2-09136B67D553
.linkedin.com/	1970-01-19 23:37:58	Name: UserMatchHistory Value: AQKYt7uwlrSF1wAAAX1NtSneb1QdPFjV-rS_0wJ2eW7jBFkojaYUtzeH_WA2P412dMvi8pxad_ZtHw
.linkedin.com/	1970-01-19 23:37:58	Name: AnalyticsSyncHistory Value: AQJu4VWnQy4jAwAAAX1NtSneW4z9elivf3rEMVoOuE80M9eXFclImLWjnEUG670K2pHzY9WSt0_H9Vc-0OrOQw
.pxl.iqm.com/	1970-01-19 23:37:58	Name: telaria Value: MTYzODg5NTg1ODE2Mg==
.pxl.iqm.com/	1970-01-19 23:37:58	Name: indexch Value: MTYzODg5NTg1ODE5MA==
.weshield.us/	1970-01-19 22:54:46	Name: _gat_gtag_UA_169184952_1 Value: 1
.doubleclick.net/	1970-01-20 16:25:58	Name: IDE Value: AHWqTUnfW7YxHWGjbSz35enTG0b2XgNW5Dl9DHyFN67dlNmcudi2ghWrk5uU60VI7Fg
d.adroll.com/	1970-01-20 08:23:34	Name: __adroll Value: d8ce38b048d54daf7028590e118b1bb2-a_1637686258
.adroll.com/	1970-01-20 08:23:34	Name: __adroll_shared Value: d8ce38b048d54daf7028590e118b1bb2-a_1637686258
.spotxchange.com/	1970-01-20 07:40:26	Name: audience Value: 88433375-4c7d-11ec-8489-1b1a35d30103
.weshield.us/	1970-01-20 07:40:43	Name: __adroll_fpc Value: 73c6aeb4788c5e2ef030321701dff54f-1637686258269
.pxl.iqm.com/	1970-01-19 23:37:58	Name: adx Value: MTYzODg5NTg1ODI1Ng==
.weshield.us/	1970-01-20 07:40:22	Name: __ar_v4 Value: %7CQMNMPUQDDBBSXKRLZCC4BD%3A20211123%3A1%7C7TC6CKEMDVALVLH4DEAOGO%3A20211123%3A1
.pippio.com/	1970-01-20 07:40:22	Name: did Value: fAoG7a-ZODPGKfVi
.pippio.com/	1970-01-20 07:40:22	Name: didts Value: 1637686258
.pippio.com/	1970-01-20 00:21:10	Name: nnls Value:
.pubmatic.com/	1970-01-20 01:04:22	Name: KRTBCOOKIE_1097 Value: 23028-12c26463-0c04-4e61-8ff5-b8222d2d729b
.pubmatic.com/	1970-01-19 23:37:58	Name: PugT Value: 1637686258
.pubmatic.com/	1970-01-20 01:04:22	Name: PUBMDCID Value: 2
.yahoo.com/	1970-01-20 07:40:43	Name: A3 Value: d=AQABBPIbnWECEBUSWJTyxB7PkJUzVTNV9gAFEgEBAQFtnmGmYQAAAAAA_eMAAA&S=AQAAAjkeGczKQz_W1QK-wqAAFX4
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.www.linkedin.com/	1970-01-20 16:26:40	Name: bscookie Value: "v=1&20211123165058c7101598-7c9c-4b86-8c13-ba31745adab0AQGyW4FdUpmH5JO32iAD2WcjsfconpgR"
.pxl.iqm.com/	1970-01-19 23:37:58	Name: pubmatic Value: MTYzODk4MjI1ODMzMQ==
.analytics.yahoo.com/	1970-01-20 07:41:48	Name: IDSYNC Value: 18vn~21p4
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP88310716-4c7d-11ec-90e3-0e5762b885b3
.yahoo.com/	1970-01-19 22:56:12	Name: APIDTS Value: 1637686258
.pippio.com/	1970-01-20 00:21:10	Name: pxrc Value: CPK39IwGEgQIAhAAEgYI3awrEAA=
.pxl.iqm.com/	1970-01-19 23:37:58	Name: onevideo Value: MTYzODg5NTg1ODQ1NA==
.adsymptotic.com/	1970-01-20 01:04:22	Name: U Value: 3cda6bfd4409f5cc0c88bf3ec4f7b3ae
.krxd.net/	1970-01-20 03:13:58	Name: _kuid_ Value: Of9KSwxW
weshield.us/	1970-01-19 22:54:48	Name: drift_campaign_refresh Value: 81e696ed-7b1d-4d4b-8f85-d0bab77ca7c3
.weshield.us/	1970-01-20 08:16:22	Name: __hstc Value: 154496103.788a7f2593cb72e229a1d85e8db41f7d.1637686258815.1637686258815.1637686258815.1
.weshield.us/	1970-01-20 08:16:22	Name: hubspotutk Value: 788a7f2593cb72e229a1d85e8db41f7d
.weshield.us/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.weshield.us/	1970-01-19 22:54:48	Name: __hssc Value: 154496103.1.1637686258815
.hubspot.com/	1970-01-19 22:54:48	Name: __cf_bm Value: ABJ4L6GQh5n.mJ.0SoqPLN3SAzN3TEhw51jCMkKnXiQ-1637686258-0-AVfOIAE2JZ+3ZLapb3CcHlS421Ec7FoCCAFqgOQYlXPUE4tF+UefMQ5gfKjlpeu3UYRZpNVnFqtzG4e5X81WNc0=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
b.6sc.co
beacon.krxd.net
bootstrap.api.drift.com
bpi.rtactivate.com
c.6sc.co
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
dmx.districtm.io
dsum-sec.casalemedia.com
embeds.driftcdn.com
f71395d2-f622-a58c-8c2a-30789f99f945.z1.dca0.com
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
forms.hubspot.com
idsync.rlcdn.com
image6.pubmatic.com
j.6sc.co
js.driftt.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
metrics.api.drift.com
order.weshield.us
p.adsymptotic.com
partners.tremorhub.com
pippio.com
pixel.advertising.com
px.ads.linkedin.com
px4.ads.linkedin.com
pxl.iqm.com
s.adroll.com
s.dca0.com
secure.adnxs.com
simage2.pubmatic.com
snap.licdn.com
stats.g.doubleclick.net
sync.search.spotxchange.com
track.hubspot.com
ups.analytics.yahoo.com
usermatch.krxd.net
weshield.us
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
104.16.190.66
104.18.99.194
104.36.115.109
107.178.254.65
108.174.10.14
13.225.63.33
13.226.37.17
142.250.64.98
184.73.169.224
192.35.249.127
23.217.47.10
23.52.162.21
2600:141b:13::17d7:82d0
2600:1f18:612b:4232:542e:84b1:1361:c28e
2600:1f18:765:4800:7681:18d0:4c60:ba77
2600:9000:21da:d200:6:9280:1080:93a1
2606:2c40::c73c:67e4
2606:4700::6810:5505
2606:4700::6811:45b0
2606:4700::6811:70b0
2606:4700::6811:83ab
2606:4700::6811:cacc
2606:4700::6811:d5cc
2606:4700::6812:14bf
2606:4700::6813:9a53
2606:4700::6813:9b53
2607:f8b0:4006:806::2004
2607:f8b0:4006:80c::200a
2607:f8b0:4006:80f::2003
2607:f8b0:4006:80f::2008
2607:f8b0:4006:816::2003
2607:f8b0:4006:81e::200e
2607:f8b0:4023:1404::9d
2620:109:c002::6cae:a0e
2620:1ec:21::14
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
3.213.3.60
3.218.90.66
34.215.209.196
35.174.191.125
35.190.60.146
45.33.94.74
50.16.7.188
54.147.21.139
54.156.89.184
54.230.162.67
54.90.48.240
68.67.179.122
8.28.7.81
0462db40ca86267ce028b18ca9e0d19e6f0f0aa9cb1a09c94f5c42f3e68446d3
04c1af3c389b84dd206933a70cf91d2d89970f44bb82ecdfe8b9043fa340acf3
055021ee341376454437728c62b8fd299ac68158cabf310abf950a9579a57e7b
087fd77b47d9a5e64a7369ca83efdd7eee99fa05e173b424ea70f91fb40fae1e
0a455faee413910c4069f4b2aa3a264087b269469b64817b85243cbf6d464f97
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11d27d2ac15ed29e2769deb82c83901b218fba3535541af03b5e4e389a14b715
134568be83d33ab28a55e78e8e8ac638ac6a57ff1bfc62bb5bc4e93fee39e20f
14a3a7e077c77e3180a74584291e139dd0301b610fe5ec6888fdba19e7e8781c
1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2
16df4194f430d82cb351d6054ec71cff7a8e33dae69966b074cea33b00fc63c3
1af7c1efd2f6f83030af415ea774873724796ca483fe2d988d88dc9dda636d12
1b25f71e2d65584cc8e9136865d34f9900b9f19033c45462869740feb1ca4913
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d0944298198084550d6b8bcca6c193de4dc8990adc909df1eaaca54bc64e1f2
1e5e3f29206ca046d131a9ea9db973a5a116a5f14c156db28e3a885381c40498
1ebef2210345f570430d0baeb0be8bcbb7608236780a61f3c9d000af835ee45e
206743f5a27b61f302352bf4452f78f13aa34bee7589b306e24677dc3a3e875e
24cb540cb4cc8d1a9d9658ed10d7650afe1d092042041efb1767510771d745d1
24f92d74ad96fd65f52f59e589e53b2621c25aa4310c03b5e1f876ce2e82500b
2582bc50c10ceef617a54a610acd1290a1988fa62b8439e215de57e19d438d9f
25b1d2160b45aea2146ecc1bab02b0a9c91ead6bfda206ea3030856b5574e3ef
2707e48726a3f7ec48a1d1aec9738f20b36bac1535cfa9de2e4d92310c4e7e7a
2ad119adbf41e14691f915062e737af81b5ab62eba5a972fc9509d778ac0e215
2b4d9e531f3302ad49380ce5e5e160925956edb55179c63ee2bac32ab040d1a5
2bff2381a23550d2b7b78f16b83cc1c7f7d9cfca47f90cb548eeeb7638038089
3140db317c7e3cc3d55edd428d0f6e0e3f3fa58c4198b31a341cdc68e88d3d84
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
321a6f842fe9c5190e26175b4b0c7f9c2b11a025f8fdcedd5db6fb88d81052ef
3b9a53c3c93339fadb591266b2ead5099a7c8d46644836f628df7e83c79f2e9b
3cae95b041db640339eae18d74c546f8d7e9fb76e53a1e7cb15d9e8adea93d04
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
405756f9ef34f84e175d971f7875fac945507261dcc039e996dbc367ebae82f6
4193c906068e59efea49bf877ce6259a7befce4828660f7a37b12ec3a84c1ecb
41f7afd6088c39cdc0d6f910f7f4b6afbf6a2133533847e960a8ca906fabc1c6
45aef4e03ff5e4b77acf7773c9286a05416fe9b7e7745a3ba6b8a0e468879d09
4a9b0b449b77fd3cf250284f9c232b20dd193d8c538f059350594bc865847da9
4e836cc5611e71fad7ca8b19324773a34afbad72550c012e50b83698262d6c50
5059bfed12587f496894f97319682ccb715e7748ae93dd2cafd6310e914f3870
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
5147ed58cf763633c7a305305d671150a8afd56a99b71d7ede3fb8f2eb21db2f
52997a640c38c5915b6105ad464bf2bf8121f3fe40c72d70791f54c4be95971a
578cda2391db4e4d761ae5c4f05c03614d0ea8fec0b260edc036cc0bbdfcdd93
58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5bfdadb862578871e37676d3ef1ba825baa2a433f968842ac8ff00bb3082819f
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5df6995e2295bbd2f81292b93b770d8cab2980c77677fe73d256bad4339a080b
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
61b0595bf7a781bfe65f3b810966b111b4e65946dead4dd4fa797f9ec95677e7
61c5e0ee01b43350fc63d6540019ca4a1a2fec438e09e225b715a442a63115f3
62d8220ed22b01985fd211e746c8be9f8d2df54543d9cd32d50d61d65d1bde91
632b56e1be6d3c41afdfb4b5f537e8f1f9ff0682db9760111947ffefd82eacb0
63401c4f0b968067b3c836a17c530390644884ac1c1d504cc2f4c41fd023cfc9
67193e1f8b13691632f81cb4ff92b09955e911cb7760b990eff3c1c258f02266
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f964dd77a034df5a5c9d037ed3caede321ea9bf92638f6b2418bd6f4a2fa450
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
71f918c131027703d4692c7e7cc9d46fc09554fc2b211e60f12e8fea8360deb7
7272f8564a12844c4c9f0a982d68c531647bf4a7a261eaaa6150ce6c716fa8f5
76944cf8f00598fe5f6057260463a7929c82f5082d36243b8229f4a36cdd967b
7727399fe5d8441829176e6a661b540efaac1680120a1d7fb1235e258d70770b
7a747f5d631f4592f200c7f0767adf33fcbe4940fb666ac1d19114d1478b5766
7c48a5404497ffe78e5207b03b9e4cefb0fd12540b09a822d2432381bdc07a15
7ceac3946ca9c9a565d7819b861cc73c3bda4eb35bac27de07d6da4cdd4855ea
7d43152ad46b5f66eee36e2b65ce41dc027e33f9ddade0d66b9b70ba72d401e9
7e3bbce85c6a2804610806ac933293d2cdbff6c7d28a470af339b8c86d22ece9
83343010d7e09baf490a9c546fcd7c0887db327d83748232e38df824a45a1fc8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
842e686cc76efe1f68606dcaf02090aa9e704247f98d5545d7a76f44b86b6c52
887de514c0974fe759d686e940be036f69f9f01c825f52faea931c77f3647e0e
8b240c7069a4193480d9e398dd572730a4ddebe3428d5f68276e32eb85ad3692
8d4842ea3131afb2c889435d7fa4da85c6692f42ad83a1b0087a47ed10c399fc
95a41b3db790dfbff24cf6ddd8caafc4a1e5a1c59c7cf19c16b8c62d34cc3ef5
9b9cb5ed20b53ea6b4ea1ff2355f4503a2b3a0811b5eea90a46d87932d45a077
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3075e2c162e41c4962a4221ae035dd607d895bd424e87aa4065a044c43763e4
a361e2f0794860cfda89ba85b227c6d01d393078a06b7cd8718e3be53a482cc9
a36abfd5c09b1db4b862cd8d5f3a3f293218476f6144c94c28b927a78aec8e81
a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe
ab72a7e9f401bc1359aec69c0dee286cd7653de908cd2df6287cff1279cf93a1
aeef287c268b412473c10dd6a2f18244e3c1f9fffc62f0e1bc2b28cf0e2d9169
af0ad47815cfcb0fc8402cf431dd782af68f2ba05752c66d9bb11a4354f65754
b0257060098cdc51166f35b62e7dd8f0c5f8d6cfa319901c0c51a629537e02fd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1dc2324e6515fe7a2c2065ec59b60ec81e96f3d57d652b73f2100ea914fcafc
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b26b2ecaf4b06c00b0e065c20918783b33e003309fd0fdf10c8876ee2edd5f67
bf8e028caa6730932640ad679e31fe66ff9663aa29e214d151a889196081f9e9
c14b6ecea28d110fbf307fa31e248c1eca0e7b6e5895b462ba1782906ea54307
c2d8b5ed5baf711d51629607797e32e5ff638637a0091598427eac4908dbae47
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
c61a5b3616fe58f512ff682458b601c81bd8c0d47730a3efb958ff8c06000d5b
c685f6fca95f424a91696b69acfd8c273b9c2b20d1dd12489e7d90558b56e222
c87e0e31334c6998b90c83d48eff6252a248120d32b376414965e1421203c901
c8d4012b0e524d4e16cb319e2bb274fd6b1f8dee48c6b1e1b5d337c470ecde5a
cda9b31d709444e003d3adbfbdec43f093e405b36841fde5c1d187e439585219
cdd2f2497d176d6b6dcad9441dbaf87804ff76715bb76a71cce055b10cd8dcb4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d24951b666a04fb621d72c5932d3fcab552a76528acabe1baf9f14eaa0d39fb1
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
d3da1b047cdd9633efb12c06b5fee9cd65580f667167c2a9e17c45df60b1cef1
d81837ed26f36e57ad495d70300698ccbebffae8f69b264f131904f4e36e686a
d951742d66a387e5dd3e7360b667334bafb987b70a463897948ace5536bd378a
da24ab18f3c082e3ba6fcaf7054aeb3e90bf2dbc9e56fe04665d7fd326aefdac
da6e5eccd6f46dd0b12fda7fa82a07ea7fb3a75467693c1c67c486f15cac91a2
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2fc570495ce9f73780336d692d1caf5d299d81a0208243f97dacb7f345cdf15
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5a55668d9c32851d67e493d14581a22dcc79326a7b6af3625b45de8e3f1da6b
e94bfa51996a1426c945b1aca8607a1282945b0decd7e30688baad737f9ff790
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ece2ea917173b654d1f26ab6e1eeb0ec7fdb663cf9dc18adc21a4eab44c678b8
ecffb9636a70f675c81ff0fa8ed55ade2a714a0aab59354a880f7b303e655aaf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed
f5642eea8890a1123d9a49ae8efd66755a53d6b44301249f5d9b27b21acab85d
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f5f9fabf5def6c14f22f8bb87dbea8bab02c4a336f7c184ead31aaddca428197
f643c0d3056c03d095fbbc8f850a1e431dd9162484430aaa1d33da4016643788
f7511f403bc5d8cdd240bbdb02c5848775e0f89f6dd952e70675d22fd434e1b4
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f94ce8666bf003756c16b56edad5a0121b3516222d4f093bdb771afabfb2cc5f
f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d
fa110ac06915e913fea0ad440e557cd75b95101504acc6a865efb5d7f0f34d95
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

weshield.us Open in urlscan Pro 45.33.94.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

174 Requests

94 %HTTPS

50 %IPv6

39 Domains

52 Subdomains

38 IPs

2 Countries

2957 kBTransfer

7189 kBSize

67 Cookies

14 Outgoing links

Page URL History

Redirected requests

174 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

weshield.us Open in urlscan Pro
45.33.94.74 Public Scan

Screenshot
Live screenshot

Full Image

174
Requests

94 %
HTTPS

50 %
IPv6

39
Domains

52
Subdomains

38
IPs

2
Countries

2957 kB
Transfer

7189 kB
Size

67
Cookies

174 HTTP transactions
12 data transactions